CVE-2022-50127

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Fix error unwind in rxe_create_qp()

In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like the spin locks are not setup until rxe_qp_init_req().

If an error occures before this point then the unwind will call rxe_cleanup() and eventually to rxe_qp_do_cleanup()/rxe_cleanup_task() which will oops when trying to access the uninitialized spinlock.

Move the spinlock initializations earlier before any failures.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 3c838ca6fbdb173102780d7bdf18f2f7d9e30979affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 1a63f24e724f677db1ab21251f4d0011ae0bb5b5affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < b348e204a53103f51070513a7494da7c62ecbdaaaffected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 3ef491b26c720a87fcfbd78b7dc8eb83d9753fe6affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 2ceeb04252e621c0b128ecc8fedbca922d11adbaaffected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < db924bd8484c76558a4ac4c4b5aeb52e857f0341affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < f05b7cf02123aaf99db78abfe638efefdbe15555affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < fd5382c5805c4bcb50fd25b7246247d3f7114733affected
LinuxLinux4.8affected
LinuxLinux0 < 4.8unaffected
LinuxLinux4.14.291 <= 4.14.*unaffected
LinuxLinux4.19.256 <= 4.19.*unaffected
LinuxLinux5.4.211 <= 5.4.*unaffected
LinuxLinux5.10.137 <= 5.10.*unaffected
LinuxLinux5.15.61 <= 5.15.*unaffected
LinuxLinux5.18.18 <= 5.18.*unaffected
LinuxLinux5.19.2 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References