{"api_version":"1","generated_at":"2026-05-10T15:10:59+00:00","cve":"CVE-2026-43296","urls":{"html":"https://cve.report/CVE-2026-43296","api":"https://cve.report/api/cve/CVE-2026-43296.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-43296","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-43296"},"summary":{"title":"octeontx2-af: Workaround SQM/PSE stalls by disabling sticky","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Workaround SQM/PSE stalls by disabling sticky\n\nNIX SQ manager sticky mode is known to cause stalls when multiple SQs\nshare an SMQ and transmit concurrently. Additionally, PSE may deadlock\non transitions between sticky and non-sticky transmissions. There is\nalso a credit drop issue observed when certain condition clocks are\ngated.\n\nwork around these hardware errata by:\n- Disabling SQM sticky operation:\n  - Clear TM6 (bit 15)\n  - Clear TM11 (bit 14)\n- Disabling sticky → non-sticky transition path that can deadlock PSE:\n  - Clear TM5 (bit 23)\n- Preventing credit drops by keeping the control-flow clock enabled:\n  - Set TM9 (bit 21)\n\nThese changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this\nconfiguration the SQM/PSE maintain forward progress under load without\ncredit loss, at the cost of disabling sticky optimizations.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-05-08 14:16:36","updated_at":"2026-05-08 14:16:36"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/8052d0587fb14b85539c3a14a226586c0c3d6b4c","name":"https://git.kernel.org/stable/c/8052d0587fb14b85539c3a14a226586c0c3d6b4c","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/cec2ceb35ce7bc874c43812bb39200d6cf691b87","name":"https://git.kernel.org/stable/c/cec2ceb35ce7bc874c43812bb39200d6cf691b87","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/36cc5a5e0178d5fb79e04173b8aa623b0108819a","name":"https://git.kernel.org/stable/c/36cc5a5e0178d5fb79e04173b8aa623b0108819a","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/b7eba260a34e854e2487b8363c11976f082df00d","name":"https://git.kernel.org/stable/c/b7eba260a34e854e2487b8363c11976f082df00d","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/9a3fd301329474f449e75f86d8a4f6b9c603fd6c","name":"https://git.kernel.org/stable/c/9a3fd301329474f449e75f86d8a4f6b9c603fd6c","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/d0b3c8a80336029d9356f429151eb27922d80a3c","name":"https://git.kernel.org/stable/c/d0b3c8a80336029d9356f429151eb27922d80a3c","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/d9b549b6951ba178ec14339a031cae65f4e43fe1","name":"https://git.kernel.org/stable/c/d9b549b6951ba178ec14339a031cae65f4e43fe1","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/70e9a5760abfb6338d63994d4de6b0778ec795d6","name":"https://git.kernel.org/stable/c/70e9a5760abfb6338d63994d4de6b0778ec795d6","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-43296","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43296","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 9a3fd301329474f449e75f86d8a4f6b9c603fd6c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 d0b3c8a80336029d9356f429151eb27922d80a3c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 36cc5a5e0178d5fb79e04173b8aa623b0108819a git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 d9b549b6951ba178ec14339a031cae65f4e43fe1 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 cec2ceb35ce7bc874c43812bb39200d6cf691b87 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 8052d0587fb14b85539c3a14a226586c0c3d6b4c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 b7eba260a34e854e2487b8363c11976f082df00d git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 70e9a5760abfb6338d63994d4de6b0778ec795d6 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.10.252 5.10.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.15.202 5.15.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.165 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.128 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.75 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.16 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.19.6 6.19.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"43296","cve":"CVE-2026-43296","epss":"0.000240000","percentile":"0.070360000","score_date":"2026-05-09","updated_at":"2026-05-10 00:03:04"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"9a3fd301329474f449e75f86d8a4f6b9c603fd6c","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"d0b3c8a80336029d9356f429151eb27922d80a3c","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"36cc5a5e0178d5fb79e04173b8aa623b0108819a","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"d9b549b6951ba178ec14339a031cae65f4e43fe1","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"cec2ceb35ce7bc874c43812bb39200d6cf691b87","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"8052d0587fb14b85539c3a14a226586c0c3d6b4c","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"b7eba260a34e854e2487b8363c11976f082df00d","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"70e9a5760abfb6338d63994d4de6b0778ec795d6","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThanOrEqual":"5.10.*","status":"unaffected","version":"5.10.252","versionType":"semver"},{"lessThanOrEqual":"5.15.*","status":"unaffected","version":"5.15.202","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.165","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.128","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.75","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.16","versionType":"semver"},{"lessThanOrEqual":"6.19.*","status":"unaffected","version":"6.19.6","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.0","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.10.252","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.202","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.165","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.128","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.75","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.16","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.19.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Workaround SQM/PSE stalls by disabling sticky\n\nNIX SQ manager sticky mode is known to cause stalls when multiple SQs\nshare an SMQ and transmit concurrently. Additionally, PSE may deadlock\non transitions between sticky and non-sticky transmissions. There is\nalso a credit drop issue observed when certain condition clocks are\ngated.\n\nwork around these hardware errata by:\n- Disabling SQM sticky operation:\n  - Clear TM6 (bit 15)\n  - Clear TM11 (bit 14)\n- Disabling sticky → non-sticky transition path that can deadlock PSE:\n  - Clear TM5 (bit 23)\n- Preventing credit drops by keeping the control-flow clock enabled:\n  - Set TM9 (bit 21)\n\nThese changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this\nconfiguration the SQM/PSE maintain forward progress under load without\ncredit loss, at the cost of disabling sticky optimizations."}],"providerMetadata":{"dateUpdated":"2026-05-08T13:11:18.870Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/9a3fd301329474f449e75f86d8a4f6b9c603fd6c"},{"url":"https://git.kernel.org/stable/c/d0b3c8a80336029d9356f429151eb27922d80a3c"},{"url":"https://git.kernel.org/stable/c/36cc5a5e0178d5fb79e04173b8aa623b0108819a"},{"url":"https://git.kernel.org/stable/c/d9b549b6951ba178ec14339a031cae65f4e43fe1"},{"url":"https://git.kernel.org/stable/c/cec2ceb35ce7bc874c43812bb39200d6cf691b87"},{"url":"https://git.kernel.org/stable/c/8052d0587fb14b85539c3a14a226586c0c3d6b4c"},{"url":"https://git.kernel.org/stable/c/b7eba260a34e854e2487b8363c11976f082df00d"},{"url":"https://git.kernel.org/stable/c/70e9a5760abfb6338d63994d4de6b0778ec795d6"}],"title":"octeontx2-af: Workaround SQM/PSE stalls by disabling sticky","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-43296","datePublished":"2026-05-08T13:11:18.870Z","dateReserved":"2026-05-01T14:12:55.999Z","dateUpdated":"2026-05-08T13:11:18.870Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-08 14:16:36","lastModifiedDate":"2026-05-08 14:16:36","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"43296","Ordinal":"1","Title":"octeontx2-af: Workaround SQM/PSE stalls by disabling sticky","CVE":"CVE-2026-43296","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"43296","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Workaround SQM/PSE stalls by disabling sticky\n\nNIX SQ manager sticky mode is known to cause stalls when multiple SQs\nshare an SMQ and transmit concurrently. Additionally, PSE may deadlock\non transitions between sticky and non-sticky transmissions. There is\nalso a credit drop issue observed when certain condition clocks are\ngated.\n\nwork around these hardware errata by:\n- Disabling SQM sticky operation:\n  - Clear TM6 (bit 15)\n  - Clear TM11 (bit 14)\n- Disabling sticky → non-sticky transition path that can deadlock PSE:\n  - Clear TM5 (bit 23)\n- Preventing credit drops by keeping the control-flow clock enabled:\n  - Set TM9 (bit 21)\n\nThese changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this\nconfiguration the SQM/PSE maintain forward progress under load without\ncredit loss, at the cost of disabling sticky optimizations.","Type":"Description","Title":"octeontx2-af: Workaround SQM/PSE stalls by disabling sticky"}]}}}