CVE-2024-38545
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
RDMA/hns: Fix UAF for cq async event
The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF.
Use the xa_lock() to protect the CQ refcount.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 9a4435375cd151e07c0c38fa601b00115986091b < 330c825e66ef65278e4ebe57fd49c1d6f3f4e34e | affected |
| Linux | Linux | 9a4435375cd151e07c0c38fa601b00115986091b < 763780ef0336a973e933e40e919339381732dcaf | affected |
| Linux | Linux | 9a4435375cd151e07c0c38fa601b00115986091b < 63da190eeb5c9d849b71f457b15b308c94cbaf08 | affected |
| Linux | Linux | 9a4435375cd151e07c0c38fa601b00115986091b < 39d26cf46306bdc7ae809ecfdbfeff5aa1098911 | affected |
| Linux | Linux | 9a4435375cd151e07c0c38fa601b00115986091b < 37a7559dc1358a8d300437e99ed8ecdab0671507 | affected |
| Linux | Linux | 9a4435375cd151e07c0c38fa601b00115986091b < a942ec2745ca864cd8512142100e4027dc306a42 | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 5.15.168 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.93 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.33 <= 6.6.* | unaffected |
| Linux | Linux | 6.8.12 <= 6.8.* | unaffected |
| Linux | Linux | 6.9.3 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf
- https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08
- https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911
- https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507
- https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/330c825e66ef65278e4ebe57fd49c1d6f3f4e34e
- https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf
- https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08
- https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911
- https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507
- https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.