CVE-2026-46189

Source
https://cve.org/CVERecord?id=CVE-2026-46189
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46189.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-46189
Downstream
Related
Published
2026-05-28T09:36:43.205Z
Modified
2026-07-03T03:53:28.938281973Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/vmwpvrdma: Fix double free on pvrdmaalloc_ucontext() error path

Sashiko points out that pvrdmauarfree() is already called within pvrdmadeallocucontext(), so calling it before triggers a double free.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46189.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1
Fixed
269967d7693304e1f06ed2dff4ebbbeeb397cda4
Fixed
1df5711121cdc11e76b889408fdbe459feba1d39
Fixed
3a231c34c5bc3d3cfc850b877758ec9fdaa8a483
Fixed
ecc36a82ecfcfdf3c6606d209f22ec5543c410e0
Fixed
45d25e3ec17900bf5a9d6876ff16ceee31c4c0e0
Fixed
0c63333ff97bd1275294fd12840a0efe9d7a4c59
Fixed
935ee27d0904aa944cbcc979094c20e5ef62eead
Fixed
e38e86995df27f1f854063dab1f0c6a513db3faf

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46189.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.10.0
Fixed
5.10.258
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.88
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.30
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.7

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46189.json"