CVE-2022-50671

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Fix "kernel NULL pointer dereference" error

When rxe_queue_init in the function rxe_qp_init_req fails, both qp->req.task.func and qp->req.task.arg are not initialized.

Because of creation of qp fails, the function rxe_create_qp will call rxe_qp_do_cleanup to handle allocated resource.

Before calling __rxe_do_task, both qp->req.task.func and qp->req.task.arg should be checked.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 48cd7098e71735ccafa0b3cf27c53924f9cb5b2faffected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < eca119693010032d6cc6e7e9b4fb2c363c7e12ceaffected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 9c5dd6993c794703e74c6ba17ac78ca0211ef940affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 0d773c58d702f0a7c16ee8d69617fd2c28350795affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < cdce36a88def550773142a34ef727a830cad96a8affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < f2f405af70e6f0419e718d23fa304798a5405c41affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < bb33fa65da77f5f02dbee6f25cebaeedfcd70028affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < 3b8752f086eb6865cc3662ad13249b03024501e5affected
LinuxLinux8700e3e7c4857d28ebaa824509934556da0b3e76 < a625ca30eff806395175ebad3ac1399014bdb280affected
LinuxLinux4.8affected
LinuxLinux0 < 4.8unaffected
LinuxLinux4.9.331 <= 4.9.*unaffected
LinuxLinux4.14.296 <= 4.14.*unaffected
LinuxLinux4.19.262 <= 4.19.*unaffected
LinuxLinux5.4.220 <= 5.4.*unaffected
LinuxLinux5.10.150 <= 5.10.*unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References