Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's IB/MTHCA driver allows a user-triggered resource leak during the creation of Shared Receive Queues (SRQs). The 'mthca_create_srq()' function did not call 'mthca_unmap_user_db()' when SRQ creation failed, so the associated resources were not cleaned up. The vulnerability affects the stable versions of the Linux kernel.
The vulnerability can be exploited to create a resource leak, which may lead to increased memory usage or exhaustion of system resources over time.
The vulnerability can be reproduced by creating a Shared Receive Queue (SRQ) using the IB/MTHCA driver. If the SRQ creation process fails, the 'mthca_unmap_user_db()' function is not called to clean up resources, leading to a leak. This can be observed by monitoring system resource usage during the SRQ creation process.
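The error-path leak described above, as an added userspace model in C (not the kernel driver's code and not taken from this advisory). The names `map_user_db`, `unmap_user_db`, `finish_create`, `create_srq_leaky` and `create_srq_fixed` are illustrative stand-ins, and the counter stands in for whatever the driver holds after mapping the user doorbell.

```c
#include <stdio.h>

/* Model only: number of user doorbell mappings currently held. */
static int mapped_db;

static int  map_user_db(void)   { mapped_db++; return 0; }
static void unmap_user_db(void) { mapped_db--; }

/* Hypothetical later step of SRQ creation that fails on request. */
static int finish_create(int fail) { return fail ? -1 : 0; }

/* Leaky shape: returns on failure without undoing the mapping. */
static int create_srq_leaky(int fail)
{
    if (map_user_db())
        return -1;
    if (finish_create(fail))
        return -1;              /* mapping is never released */
    return 0;
}

/* Fixed shape: every failure after the mapping unwinds it. */
static int create_srq_fixed(int fail)
{
    int err = map_user_db();
    if (err)
        return err;
    err = finish_create(fail);
    if (err)
        goto err_unmap;
    return 0;                   /* success: mapping stays until destroy */
err_unmap:
    unmap_user_db();
    return err;
}

/* Run n failing create calls and report how many mappings remain. */
static int leaked_after(int (*create)(int), int n)
{
    mapped_db = 0;
    for (int i = 0; i < n; i++)
        create(1);
    return mapped_db;
}

int main(void)
{
    printf("leaky: %d mappings left\n", leaked_after(create_srq_leaky, 1000));
    printf("fixed: %d mappings left\n", leaked_after(create_srq_fixed, 1000));
    return 0;
}
```

In the model, the leaked count grows by one per failed call, which is the growth pattern to look for when monitoring resource usage on an unpatched kernel.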
Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed.