CVE-2024-47750
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08
Currently rsv_qp is freed before ib_unregister_device() is called on HIP08. During the time interval, users can still dereg MR and rsv_qp will be used in this process, leading to a UAF. Move the release of rsv_qp after calling ib_unregister_device() to fix it.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 70f92521584f1d1e8268311ee84413307b0fdea8 < 2ccf1c75d39949d8ea043d04a2e92d7100ea723d | affected |
| Linux | Linux | 70f92521584f1d1e8268311ee84413307b0fdea8 < d2d9c5127122745da6e887f451dd248cfeffca33 | affected |
| Linux | Linux | 70f92521584f1d1e8268311ee84413307b0fdea8 < dac2723d8bfa9cf5333f477741e6e5fa1ed34645 | affected |
| Linux | Linux | 70f92521584f1d1e8268311ee84413307b0fdea8 < 60595923371c2ebe7faf82536c47eb0c967e3425 | affected |
| Linux | Linux | 70f92521584f1d1e8268311ee84413307b0fdea8 < fd8489294dd2beefb70f12ec4f6132aeec61a4d0 | affected |
| Linux | Linux | 5.18 | affected |
| Linux | Linux | 0 < 5.18 | unaffected |
| Linux | Linux | 6.1.113 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.54 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.13 <= 6.10.* | unaffected |
| Linux | Linux | 6.11.2 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/2ccf1c75d39949d8ea043d04a2e92d7100ea723d
- https://git.kernel.org/stable/c/d2d9c5127122745da6e887f451dd248cfeffca33
- https://git.kernel.org/stable/c/dac2723d8bfa9cf5333f477741e6e5fa1ed34645
- https://git.kernel.org/stable/c/60595923371c2ebe7faf82536c47eb0c967e3425
- https://git.kernel.org/stable/c/fd8489294dd2beefb70f12ec4f6132aeec61a4d0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.