CVE-2022-50137

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Fix a window for use-after-free

During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are freed by irdma_cq_free_rsrc(). Fix this by moving the call to irdma_cq_free_rsrc() after the irdma_sc_cleanup_ceqes(), which is called under the cq_lock.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb48c24c2d710cf34810c555dcef883a3d35a9c08 < 92520864ef9f912f38b403d172a0ded020683d55affected
LinuxLinuxb48c24c2d710cf34810c555dcef883a3d35a9c08 < 0abf2eef80295923b819ce89ff9edc1fe61be17caffected
LinuxLinuxb48c24c2d710cf34810c555dcef883a3d35a9c08 < 350ac793a03c8a30a3f2b27fc282cd1c67070763affected
LinuxLinuxb48c24c2d710cf34810c555dcef883a3d35a9c08 < 8ecef7890b3aea78c8bbb501a4b5b8134367b821affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.61 <= 5.15.*unaffected
LinuxLinux5.18.18 <= 5.18.*unaffected
LinuxLinux5.19.2 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References