CVE-2021-47614

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Fix a user-after-free in add_pble_prm

When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list.

Add the chunk entry to the PBLE info list only after successful setting of the SD in irdma_hmc_sd_one.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe8c4dbc2fcacf5a7468d312168bb120c27c38b32 < 11eebcf63e98fcf047a876a51d76afdabc3b8b9baffected
LinuxLinuxe8c4dbc2fcacf5a7468d312168bb120c27c38b32 < 1e11a39a82e95ce86f849f40dda0d9c0498cebd9affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.10 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References