CVE-2026-43199

Source
https://cve.org/CVERecord?id=CVE-2026-43199
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43199.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43199
Downstream
Published
2026-05-06T11:28:06.232Z
Modified
2026-06-18T03:55:10.239016517Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query
Details

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query

Fix a "scheduling while atomic" bug in mlx5eipsecinitmacs() by replacing mlx5querymacaddress() with etheraddrcopy() to get the local MAC address directly from netdev->dev_addr.

The issue occurs because mlx5querymacaddress() queries the hardware which involves mlx5cmdexec() that can sleep, but it is called from the mlx5eipsechandleevent workqueue which runs in atomic context.

The MAC address is already available in netdev->dev_addr, so no need to query hardware. This avoids the sleeping call and resolves the bug.

Call trace: BUG: scheduling while atomic: kworker/u112:2/69344/0x00000200 __schedule+0x7ab/0xa20 schedule+0x1c/0xb0 schedule_timeout+0x6e/0xf0 __waitforcommon+0x91/0x1b0 cmdexec+0xa85/0xff0 [mlx5core] mlx5cmdexec+0x1f/0x50 [mlx5core] mlx5querynicvportmacaddress+0x7b/0xd0 [mlx5core] mlx5querymacaddress+0x19/0x30 [mlx5core] mlx5eipsecinitmacs+0xc1/0x720 [mlx5core] mlx5eipsecbuildaccelxfrmattrs+0x422/0x670 [mlx5core] mlx5eipsechandleevent+0x2b9/0x460 [mlx5core] processonework+0x178/0x2e0 workerthread+0x2ea/0x430

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43199.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cee137a634318bfbda18ee5af45d300153b57fa5
Fixed
e1407fb7c337373dfaaae2445d828b0b9ae26a29
Fixed
57957bc7f1865778ec9b1618e15515feb6df7eb4
Fixed
546de94e41e92e1f7dc6213615fb7c794d05db98
Fixed
859380694f434597407632c29f30fdb5e763e6cc

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43199.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43199.json"