🟡 Medium | Source: Microsoft Security Response Center
CVE-2025-21892 is a vulnerability in the Linux kernel’s RDMA/mlx5 driver that affects the recovery flow of the UMR (User Memory Registration) Queue Pair. It is relevant to Azure environments that use Mellanox/NVIDIA ConnectX adapters for high-performance networking. A flaw in the error recovery path could lead to instability or exploitation in affected kernel configurations.
Security Architect’s Take: Review whether your Azure VMs or HPC workloads use RDMA-capable instance types (such as HB, HC, or ND series); if so, ensure the underlying OS images are patched to a kernel version that includes this fix and monitor Microsoft’s update guidance for any Azure host-level patches.
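An in-guest check to support the review above, added here as an example and not taken from the Microsoft advisory: it reports whether the RDMA/mlx5 driver (kernel module `mlx5_ib`) is loaded or has registered devices under `/sys/class/infiniband`, and prints the running kernel release so it can be compared against your distribution's fixed version. The function names and the fixture are constructed for illustration.

```shell
#!/bin/sh
# Added example: in-guest check for RDMA/mlx5 (mlx5_ib) exposure.
# Paths are parameters so the logic can be exercised on constructed fixtures.

# True when the mlx5_ib module appears in a /proc/modules-format file.
mlx5_ib_loaded() {
    [ -r "$1" ] && grep -q '^mlx5_ib ' "$1"
}

# Print RDMA devices registered by the mlx5 driver (mlx5_0, mlx5_1, ...),
# space-separated. Covers kernels with the driver built in, where
# /proc/modules has no mlx5_ib line.
mlx5_rdma_devices() {
    devs=""
    for d in "$1"/mlx5_*; do
        [ -e "$d" ] || continue       # glob matched nothing
        devs="${devs:+$devs }${d##*/}"
    done
    printf '%s' "$devs"
}

# Summarise exposure as one line: "exposed ..." or "not-exposed".
rdma_mlx5_exposure() {
    modules_file=${1:-/proc/modules}
    ib_dir=${2:-/sys/class/infiniband}
    devs=$(mlx5_rdma_devices "$ib_dir")
    if mlx5_ib_loaded "$modules_file"; then mod=yes; else mod=no; fi
    if [ "$mod" = yes ] || [ -n "$devs" ]; then
        printf 'exposed module=%s devices=%s kernel=%s\n' \
            "$mod" "${devs:-none}" "$(uname -r)"
    else
        printf 'not-exposed\n'
    fi
}

# Constructed fixture (not captured from a real host) for offline runs.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/ib/mlx5_0" "$root/ib/mlx5_1"
    printf '%s\n' 'mlx5_core 2097152 1 mlx5_ib, Live 0x0000000000000000' \
                  'mlx5_ib 450560 0 - Live 0x0000000000000000' > "$root/modules"
    printf '%s' "$root"
}

rdma_mlx5_exposure    # no arguments: inspect the running system
```

Distribution kernels backport fixes, so treat the printed release as input to the vendor's advisory lookup instead of comparing it to an upstream version number.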
Original advisory: CVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QP