CVE-2026-43199

HIGH EPSS 35.2%
Published May 6, 20261mo ago · Modified Jun 17, 20261w ago
7.5 CVSS 3.1
High
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5e_ipsec_init_macs() by replacing mlx5_query_mac_address() with ether_addr_copy() to get the local MAC address directly from netdev->dev_addr. The issue occurs because mlx5_query_mac_address() queries the hardware which involves mlx5_cmd_exec() that can sleep, but it is called from the mlx5e_ipsec_handle_event workqueue which runs in atomic context. The MAC address is already available in netdev->dev_addr, so no need to query hardware. This avoids the sleeping call and resolves the bug. Call trace: BUG: scheduling while atomic: kworker/u112:2/69344/0x00000200 __schedule+0x7ab/0xa20 schedule+0x1c/0xb0 schedule_timeout+0x6e/0xf0 __wait_for_common+0x91/0x1b0 cmd_exec+0xa85/0xff0 [mlx5_core] mlx5_cmd_exec+0x1f/0x50 [mlx5_core] mlx5_query_nic_vport_mac_address+0x7b/0xd0 [mlx5_core] mlx5_query_mac_address+0x19/0x30 [mlx5_core] mlx5e_ipsec_init_macs+0xc1/0x720 [mlx5_core] mlx5e_ipsec_build_accel_xfrm_attrs+0x422/0x670 [mlx5_core] mlx5e_ipsec_handle_event+0x2b9/0x460 [mlx5_core] process_one_work+0x178/0x2e0 worker_thread+0x2ea/0x430

CVSS Details

Base Score
7.5
Exploitability
3.9
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
35.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel*≥6.2  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6
linuxlinux_kernel7.0any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/546de94e41e92e1f7dc6213615fb7c794d05db98
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/57957bc7f1865778ec9b1618e15515feb6df7eb4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/859380694f434597407632c29f30fdb5e763e6cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e1407fb7c337373dfaaae2445d828b0b9ae26a29
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/546de94e41e92e1f7dc6213615fb7c794d05db98
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/57957bc7f1865778ec9b1618e15515feb6df7eb4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/859380694f434597407632c29f30fdb5e763e6cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e1407fb7c337373dfaaae2445d828b0b9ae26a29
    Patch