HOMEVULNERABILITIESCVE-2026-43468
NONE

CVE-2026-43468

Published: May 8, 2026· Updated: May 12, 2026

EPSS:0.02%probability of exploitation in 30 daysPercentile:7.0th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Fix deadlock between devlink lock and esw->wq

esw->work_queue executes esw_functions_changed_event_handler ->

esw_vfs_changed_event_handler and acquires the devlink lock.

.eswitch_mode_set (acquires devlink lock in devlink_nl_pre_doit) ->

mlx5_devlink_eswitch_mode_set -> mlx5_eswitch_disable_locked ->

mlx5_eswitch_event_handler_unregister -> flush_workqueue deadlocks

when esw_vfs_changed_event_handler executes.

Fix that by no longer flushing the work to avoid the deadlock, and using

a generation counter to keep track of work relevance. This avoids an old

handler manipulating an esw that has undergone one or more mode changes:

- the counter is incremented in mlx5_eswitch_event_handler_unregister.

- the counter is read and passed to the ephemeral mlx5_host_work struct.

- the work handler takes the devlink lock and bails out if the current

generation is different than the one it was scheduled to operate on.

- mlx5_eswitch_cleanup does the final draining before destroying the wq.

No longer flushing the workqueue has the side effect of maybe no longer

cancelling pending vport_change_handler work items, but that's ok since

those are disabled elsewhere:

- mlx5_eswitch_disable_locked disables the vport eq notifier.

- mlx5_esw_vport_disable disarms the HW EQ notification and marks

vport->enabled under state_lock to false to prevent pending vport

handler from doing anything.

- mlx5_eswitch_cleanup destroys the workqueue and makes sure all events

are disabled/finished.

NVD Source

Technical Analysis

CVE-2026-43468 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (6)

Quick Facts

CVE IDCVE-2026-43468
SeverityNONE
CISA KEVNo
EPSS (30d)0.02%
PublishedMay 8, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-43468 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.