Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-05-28T00:00:00 kernel: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CWE-824

In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() Sashiko points out that pd->uctx isn't initialized until late in the function so all these error flow references are NULL and will crash. Use the uctx that isn't NULL.

A flaw was found in the Linux kernel, specifically within the RDMA (Remote Direct Memory Access) ocrdma driver. This vulnerability arises from an uninitialized pointer in the `ocrdma_copy_pd_uresp()` function's error handling, which can lead to a NULL dereference. An attacker could exploit this to cause a system crash, resulting in a Denial of Service (DoS).

This Moderate-severity flaw in the Linux kernel's RDMA ocrdma driver can lead to a system crash and denial of service. The vulnerability, caused by an uninitialized pointer in error handling, requires local access to a system with the ocrdma driver loaded for exploitation. Red Hat Enterprise Linux 6 and 7 are affected. To prevent the `ocrdma` kernel module from loading, blacklist it by creating a file `/etc/modprobe.d/blacklist-ocrdma.conf` with the content `blacklist ocrdma`. After saving the file, regenerate the initramfs using `dracut -f -v` and reboot the system for the changes to take effect. This action may affect functionality dependent on the ocrdma driver and RDMA hardware. Red Hat Enterprise Linux 10 Not affected kernel Red Hat Enterprise Linux 6 Out of support scope kernel Red Hat Enterprise Linux 7 Fix deferred kernel Red Hat Enterprise Linux 7 Fix deferred kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Not affected kernel Red Hat Enterprise Linux 9 Not affected kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-46127 https://nvd.nist.gov/vuln/detail/CVE-2026-46127 https://lore.kernel.org/linux-cve-announce/2026052816-CVE-2026-46127-7c28@gregkh/T