CVE-2024-42285

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...

CVE-2024-42285 RDMA/iwcm: Fix a use-after-free related to destroying CM IDs

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...

CVE-2024-42285

The CVE-2024-42285 entry affects the Linux kernel’s RDMA/iwcm code and describes a use-after-free when destroying CM IDs. The issue originates from how iw_conn_req_handler() associates a new rdma_id_private (conn_id) with an existing iw_cm_id (cm_id): conn_id->cm_id.iw = cm_id; cm_id->conte...

SUSE CVE-2011-0695

Race condition in the cmworkhandler function in the InfiniBand driver drivers/infiniband/core/cma.c in Linux kernel 2.6.x allows remote attackers to cause a denial of service panic by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer...