1. Home
  2. Vulnerabilities
  3. CVE-2026-43296
0.0
NA
CVE-2026-43296
octeontx2-af: Workaround SQM/PSE stalls by disabling sticky
Overview
Description

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between sticky and non-sticky transmissions. There is also a credit drop issue observed when certain condition clocks are gated. work around these hardware errata by: - Disabling SQM sticky operation: - Clear TM6 (bit 15) - Clear TM11 (bit 14) - Disabling sticky → non-sticky transition path that can deadlock PSE: - Clear TM5 (bit 23) - Preventing credit drops by keeping the control-flow clock enabled: - Set TM9 (bit 21) These changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this configuration the SQM/PSE maintain forward progress under load without credit loss, at the cost of disabling sticky optimizations.

Details
INFO

Published Date :

May 8, 2026, 2:16 p.m.

Last Modified :

May 8, 2026, 2:16 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Impact
Affected Products

The following products are affected by CVE-2026-43296 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
Solution
Disable sticky SQM operation and related PSE transitions to prevent stalls and deadlocks.
  • Clear TM6 and TM11 bits in NIX_AF_SQM_DBG_CTL_STATUS.
  • Clear TM5 bit to disable sticky to non-sticky PSE transitions.
  • Set TM9 bit to keep control-flow clock enabled.
  • Apply these changes via NIX_AF_SQM_DBG_CTL_STATUS.
References
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-43296.

URL Resource
https://git.kernel.org/stable/c/36cc5a5e0178d5fb79e04173b8aa623b0108819a
https://git.kernel.org/stable/c/70e9a5760abfb6338d63994d4de6b0778ec795d6
https://git.kernel.org/stable/c/8052d0587fb14b85539c3a14a226586c0c3d6b4c
https://git.kernel.org/stable/c/9a3fd301329474f449e75f86d8a4f6b9c603fd6c
https://git.kernel.org/stable/c/b7eba260a34e854e2487b8363c11976f082df00d
https://git.kernel.org/stable/c/cec2ceb35ce7bc874c43812bb39200d6cf691b87
https://git.kernel.org/stable/c/d0b3c8a80336029d9356f429151eb27922d80a3c
https://git.kernel.org/stable/c/d9b549b6951ba178ec14339a031cae65f4e43fe1
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-43296 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2026-43296 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-43296 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2026-43296 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    May. 08, 2026

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between sticky and non-sticky transmissions. There is also a credit drop issue observed when certain condition clocks are gated. work around these hardware errata by: - Disabling SQM sticky operation: - Clear TM6 (bit 15) - Clear TM11 (bit 14) - Disabling sticky → non-sticky transition path that can deadlock PSE: - Clear TM5 (bit 23) - Preventing credit drops by keeping the control-flow clock enabled: - Set TM9 (bit 21) These changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this configuration the SQM/PSE maintain forward progress under load without credit loss, at the cost of disabling sticky optimizations.
    Added Reference https://git.kernel.org/stable/c/36cc5a5e0178d5fb79e04173b8aa623b0108819a
    Added Reference https://git.kernel.org/stable/c/70e9a5760abfb6338d63994d4de6b0778ec795d6
    Added Reference https://git.kernel.org/stable/c/8052d0587fb14b85539c3a14a226586c0c3d6b4c
    Added Reference https://git.kernel.org/stable/c/9a3fd301329474f449e75f86d8a4f6b9c603fd6c
    Added Reference https://git.kernel.org/stable/c/b7eba260a34e854e2487b8363c11976f082df00d
    Added Reference https://git.kernel.org/stable/c/cec2ceb35ce7bc874c43812bb39200d6cf691b87
    Added Reference https://git.kernel.org/stable/c/d0b3c8a80336029d9356f429151eb27922d80a3c
    Added Reference https://git.kernel.org/stable/c/d9b549b6951ba178ec14339a031cae65f4e43fe1
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.