Skip to main content

Linux Kernel EUVDEUVD-2026-27791

| CVE-2026-43230 HIGH
2026-05-06 Linux GHSA-v9pp-wjc8-hr9p
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 08, 2026 - 13:40 vuln.today
CVSS changed
May 08, 2026 - 13:22 NVD
7.5 (HIGH)
Patch available
May 06, 2026 - 13:32 EUVD
CVE Published
May 06, 2026 - 11:28 nvd
HIGH 7.5

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

net/rds: Clear reconnect pending bit

When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not yet been scheduled before it is canceled, the reconnect-pending bit will stay on forever.

AnalysisAI

Denial of service in Linux kernel RDS networking module allows remote unauthenticated attackers to cause persistent network reconnection failures through improper bit flag handling. The vulnerability affects the Reliable Datagram Sockets (RDS) protocol implementation where canceling a reconnect worker without clearing the reconnect-pending bit causes a permanent stuck state, preventing legitimate network reconnections. Vendor patches available across multiple stable kernel versions (5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0). EPSS exploitation probability is very low (0.02%, 7th percentile), and no public exploit or active exploitation confirmed at time of analysis.

Technical ContextAI

The Reliable Datagram Sockets (RDS) protocol in the Linux kernel provides high-performance datagram delivery over RDMA and TCP transports. This vulnerability exists in the connection state management logic where the reconnect worker thread can be canceled without properly resetting internal state flags. Specifically, when the reconnect worker is canceled before being scheduled, the reconnect-pending bit remains set indefinitely. This creates a permanent inconsistent state where the kernel believes a reconnection is pending but no worker will ever execute to complete it or clear the flag. The affected code path is in net/rds subsystem connection management. The issue affects all Linux kernel versions from the initial RDS implementation (commit 1da177e4c3f4) through multiple stable branches, requiring backports across at least eight kernel version lines as evidenced by the patch commits provided.

RemediationAI

Upgrade to patched kernel versions: 5.10.252 or later for 5.10.x series, 5.15.202+ for 5.15.x, 6.1.165+ for 6.1.x, 6.6.128+ for 6.6.x, 6.12.75+ for 6.12.x, 6.18.16+ for 6.18.x, 6.19.6+ for 6.19.x, or 7.0+ for mainline. Patch commits available at https://git.kernel.org/stable/ with commit hashes provided in references section. For systems unable to immediately upgrade, disable RDS protocol module as compensating control by blacklisting the rds kernel module (add 'blacklist rds' to /etc/modprobe.d/blacklist.conf and 'blacklist rds_tcp' and 'blacklist rds_rdma' for transport modules). Note this mitigation completely removes RDS functionality, impacting applications dependent on RDS sockets including certain Oracle Database RAC configurations and high-performance computing message passing libraries. Verify no critical applications require RDS before disabling. Alternative mitigation: restrict network access to RDS ports (typically 16385-16390 TCP/UDP) via firewall rules to trusted networks only, reducing remote attack surface while maintaining RDS functionality for legitimate internal traffic.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-27791 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy