CVE-2024-26872
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
RDMA/srpt: Do not register event handler until srpt device is fully setup
Upon rare occasions, KASAN reports a use-after-free Write in srpt_refresh_port().
This seems to be because an event handler is registered before the srpt device is fully setup and a race condition upon error may leave a partially setup event handler in place.
Instead, only register the event handler after srpt device initialization is complete.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a42d985bd5b234da8b61347a78dc3057bf7bb94d < bdd895e0190c464f54f84579e7535d80276f0fc5 | affected |
| Linux | Linux | a42d985bd5b234da8b61347a78dc3057bf7bb94d < 6413e78086caf7bf15639923740da0d91fdfd090 | affected |
| Linux | Linux | a42d985bd5b234da8b61347a78dc3057bf7bb94d < e362d007294955a4fb929e1c8978154a64efdcb6 | affected |
| Linux | Linux | a42d985bd5b234da8b61347a78dc3057bf7bb94d < 85570b91e4820a0db9d9432098778cafafa7d217 | affected |
| Linux | Linux | a42d985bd5b234da8b61347a78dc3057bf7bb94d < 7104a00fa37ae898a827381f1161fa3286c8b346 | affected |
| Linux | Linux | a42d985bd5b234da8b61347a78dc3057bf7bb94d < ec77fa12da41260c6bf9e060b89234b980c5130f | affected |
| Linux | Linux | a42d985bd5b234da8b61347a78dc3057bf7bb94d < c21a8870c98611e8f892511825c9607f1e2cd456 | affected |
| Linux | Linux | 3.3 | affected |
| Linux | Linux | 0 < 3.3 | unaffected |
| Linux | Linux | 5.10.214 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.153 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.83 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.23 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.11 <= 6.7.* | unaffected |
| Linux | Linux | 6.8.2 <= 6.8.* | unaffected |
| Linux | Linux | 6.9 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/bdd895e0190c464f54f84579e7535d80276f0fc5
- https://git.kernel.org/stable/c/6413e78086caf7bf15639923740da0d91fdfd090
- https://git.kernel.org/stable/c/e362d007294955a4fb929e1c8978154a64efdcb6
- https://git.kernel.org/stable/c/85570b91e4820a0db9d9432098778cafafa7d217
- https://git.kernel.org/stable/c/7104a00fa37ae898a827381f1161fa3286c8b346
- https://git.kernel.org/stable/c/ec77fa12da41260c6bf9e060b89234b980c5130f
- https://git.kernel.org/stable/c/c21a8870c98611e8f892511825c9607f1e2cd456
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Additional References
References
- https://git.kernel.org/stable/c/bdd895e0190c464f54f84579e7535d80276f0fc5
- https://git.kernel.org/stable/c/6413e78086caf7bf15639923740da0d91fdfd090
- https://git.kernel.org/stable/c/e362d007294955a4fb929e1c8978154a64efdcb6
- https://git.kernel.org/stable/c/85570b91e4820a0db9d9432098778cafafa7d217
- https://git.kernel.org/stable/c/7104a00fa37ae898a827381f1161fa3286c8b346
- https://git.kernel.org/stable/c/ec77fa12da41260c6bf9e060b89234b980c5130f
- https://git.kernel.org/stable/c/c21a8870c98611e8f892511825c9607f1e2cd456
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.