CVE-2024-26872

Published: Apr 17, 2024

Modified: May 12, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srpt_refresh_port(). This seems to be because an event handler is registered before the srpt device is fully setup and a race condition upon error may leave a partially setup event handler in place. Instead, only register the event handler after srpt device initialization is complete.

Vendor	Product	Versions
Linux	Linux	affected `a42d985bd5b234da8b61347a78dc3057bf7bb94d - < bdd895e0190c464f54f84579e7535d80276f0fc5` affected `a42d985bd5b234da8b61347a78dc3057bf7bb94d - < 6413e78086caf7bf15639923740da0d91fdfd090` affected `a42d985bd5b234da8b61347a78dc3057bf7bb94d - < e362d007294955a4fb929e1c8978154a64efdcb6` affected `a42d985bd5b234da8b61347a78dc3057bf7bb94d - < 85570b91e4820a0db9d9432098778cafafa7d217` affected `a42d985bd5b234da8b61347a78dc3057bf7bb94d - < 7104a00fa37ae898a827381f1161fa3286c8b346` +2 more versions
Linux	Linux	affected `3.3` unaffected `0 - < 3.3` unaffected `5.10.214 - <= 5.10.` unaffected `5.15.153 - <= 5.15.` unaffected `6.1.83 - <= 6.1.*` +4 more versions