CVE-2026-43296

Source
https://cve.org/CVERecord?id=CVE-2026-43296
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43296.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43296
Downstream
Related
Published
2026-05-08T13:11:18.870Z
Modified
2026-07-03T18:29:29.599416770Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
octeontx2-af: Workaround SQM/PSE stalls by disabling sticky
Details

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: Workaround SQM/PSE stalls by disabling sticky

NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between sticky and non-sticky transmissions. There is also a credit drop issue observed when certain condition clocks are gated.

work around these hardware errata by: - Disabling SQM sticky operation: - Clear TM6 (bit 15) - Clear TM11 (bit 14) - Disabling sticky → non-sticky transition path that can deadlock PSE: - Clear TM5 (bit 23) - Preventing credit drops by keeping the control-flow clock enabled: - Set TM9 (bit 21)

These changes are applied via NIXAFSQMDBGCTL_STATUS. With this configuration the SQM/PSE maintain forward progress under load without credit loss, at the cost of disabling sticky optimizations.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43296.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5d9b976d4480dc0dcfa3719b645636d2f0f9f156
Fixed
9a3fd301329474f449e75f86d8a4f6b9c603fd6c
Fixed
d0b3c8a80336029d9356f429151eb27922d80a3c
Fixed
36cc5a5e0178d5fb79e04173b8aa623b0108819a
Fixed
d9b549b6951ba178ec14339a031cae65f4e43fe1
Fixed
cec2ceb35ce7bc874c43812bb39200d6cf691b87
Fixed
8052d0587fb14b85539c3a14a226586c0c3d6b4c
Fixed
b7eba260a34e854e2487b8363c11976f082df00d
Fixed
70e9a5760abfb6338d63994d4de6b0778ec795d6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43296.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.252
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.202
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.165
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43296.json"