{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nRDMA\/iwcm: Fix workqueue list corruption by removing work_list\\n\\nThe commit e1168f0 (\\”RDMA\/iwcm: Simplify cm_event_handler()\\”)\\nchanged the work submission logic to unconditionally call\\nqueue_work() with the expectation that queue_work() would\\nhave no effect if work was already pending. The problem is\\nthat a free list of struct iwcm_work is used (for which\\nstruct work_struct is embedded), so each call to queue_work()\\nis basically unique and therefore does indeed queue the work.\\n\\nThis causes a problem in the work handler which walks the work_list\\nuntil it’s empty to process entries. This means that a single\\nrun of the work handler could process item N+1 and release it\\nback to the free list while the actual workqueue entry is still\\nqueued. It could then get reused (INIT_WORK…) and lead to\\nlist corruption in the workqueue logic.\\n\\nFix this by just removing the work_list. The workqueue already\\ndoes this for us.\\n\\nThis fixes the following error that was observed when stress\\ntesting with ucmatose on an Intel E830 in iWARP mode:\\n\\n[ 151.465780] list_del corruption. next-\\u003eprev should be ffff9f0915c69c08, but was ffff9f0a1116be08. (next=ffff9f0a15b11c08)\\n[ 151.466639] ————[ cut here ]————\\n[ 151.466986] kernel BUG at lib\/list_debug.c:67!\\n[ 151.467349] Oops: invalid opcode: 0000 [#1] SMP NOPTI\\n[ 151.467753] CPU: 14 UID: 0 PID: 2306 Comm: kworker\/u64:18 Not tainted 6.19.0-rc4+ #1 PREEMPT(voluntary)\\n[ 151.468466] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04\/01\/2014\\n[ 151.469192] Workqueue: 0x0 (iw_cm_wq)\\n[ 151.469478] RIP: 0010:__list_del_entry_valid_or_report+0xf0\/0x100\\n[ 151.469942] Code: c7 58 5f 4c b2 e8 10 50 aa ff 0f 0b 48 89 ef e8 36 57 cb ff 48 8b 55 08 48 89 e9 48 89 de 48 c7 c7 a8 5f 4c b2 e8 f0 4f aa ff \\u003c0f\\u003e 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90\\n[ 151.471323] RSP: 0000:ffffb15644e7bd68 EFLAGS: 00010046\\n[ 151.471712] RAX: 000000000000006d RBX: ffff9f0915c69c08 RCX: 0000000000000027\\n[ 151.472243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff9f0a37d9c600\\n[ 151.472768] RBP: ffff9f0a15b11c08 R08: 0000000000000000 R09: c0000000ffff7fff\\n[ 151.473294] R10: 0000000000000001 R11: ffffb15644e7bba8 R12: ffff9f092339ee68\\n[ 151.473817] R13: ffff9f0900059c28 R14: ffff9f092339ee78 R15: 0000000000000000\\n[ 151.474344] FS: 0000000000000000(0000) GS:ffff9f0a847b5000(0000) knlGS:0000000000000000\\n[ 151.474934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[ 151.475362] CR2: 0000559e233a9088 CR3: 000000020296b004 CR4: 0000000000770ef0\\n[ 151.475895] PKRU: 55555554\\n[ 151.476118] Call Trace:\\n[ 151.476331] \\u003cTASK\\u003e\\n[ 151.476497] move_linked_works+0x49\/0xa0\\n[ 151.476792] __pwq_activate_work.isra.46+0x2f\/0xa0\\n[ 151.477151] pwq_dec_nr_in_flight+0x1e0\/0x2f0\\n[ 151.477479] process_scheduled_works+0x1c8\/0x410\\n[ 151.477823] worker_thread+0x125\/0x260\\n[ 151.478108] ? __pfx_worker_thread+0x10\/0x10\\n[ 151.478430] kthread+0xfe\/0x240\\n[ 151.478671] ? __pfx_kthread+0x10\/0x10\\n[ 151.478955] ? __pfx_kthread+0x10\/0x10\\n[ 151.479240] ret_from_fork+0x208\/0x270\\n[ 151.479523] ? __pfx_kthread+0x10\/0x10\\n[ 151.479806] ret_from_fork_asm+0x1a\/0x30\\n[ 151.480103] \\u003c\/TASK\\u003e”,”published”:”2026-05-27T12:17:07.737Z”,”modified”:”2026-05-30T10:45:49.572Z”,”type”:”cve”,”title”:”RDMA\/iwcm: Fix workqueue list corruption by removing work_list”,”source”:”Linux”,”references”:”https:\/\/git.kernel.org\/stable\/c\/38c5b49fffa1b760959af74f11806eeb3ef4706d\\nhttps:\/\/git.kernel.org\/stable\/c\/eb715133e0ae12514bba4d2d5ce1dee774476056\\nhttps:\/\/git.kernel.org\/stable\/c\/a6b9e793e74e372daa266fd0d58b751305877897\\nhttps:\/\/git.kernel.org\/stable\/c\/7874eeacfa42177565c01d5198726671acf7adf2″,”id”:”CVE-2026-45898″,”bulletinFamily”:””,”cwe”:null,”cvelist”:null,”sourceData”:”Linux Linux e1168f09b3314992f1c5251f3793102035da7237\\nLinux Linux e1168f09b3314992f1c5251f3793102035da7237\\nLinux Linux e1168f09b3314992f1c5251f3793102035da7237\\nLinux Linux e1168f09b3314992f1c5251f3793102035da7237\\nLinux Linux 6.11″,”sourceHref”:””,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Linux”,”version”:”e1168f09b3314992f1c5251f3793102035da7237″,”vendor”:”Linux”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nRDMA\/iwcm: Fix workqueue list corruption by removing work_list\\n\\nThe commit e1168f0 (\\”RDMA\/iwcm: Simplify cm_event_handler()\\”)\\nchanged the work submission…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[9,6,8,35,12,13,7,11,5],"class_list":["post-58544","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n