CVE-2024-42285
Published: Aug 17, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

RDMA/iwcm: Fix a use-after-free related to destroying CM IDs

iw_conn_req_handler() associates a new struct rdma_id_private (conn_id) with an existing struct iw_cm_id (cm_id) as follows:

    conn_id->cm_id.iw = cm_id;
    cm_id->context = conn_id;
    cm_id->cm_handler = cma_iw_handler;

rdma_destroy_id() frees both the cm_id and the struct rdma_id_private. Make sure that cm_work_handler() does not trigger a use-after-free by only freeing the struct rdma_id_private after all pending work has finished.

| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 59c68ac31e15ad09d2cb04734e3c8c544a95f8d4 - < d91d253c87fd1efece521ff2612078a35af673c6; affected 59c68ac31e15ad09d2cb04734e3c8c544a95f8d4 - < 7f25f296fc9bd0435be14e89bf657cd615a23574; affected 59c68ac31e15ad09d2cb04734e3c8c544a95f8d4 - < 94ee7ff99b87435ec63211f632918dc7f44dac79; affected 59c68ac31e15ad09d2cb04734e3c8c544a95f8d4 - < 557d035fe88d78dd51664f4dc0e1896c04c97cf6; affected 59c68ac31e15ad09d2cb04734e3c8c544a95f8d4 - < dc8074b8901caabb97c2d353abd6b4e7fa5a59a5; +3 more versions |
| Linux | Linux | affected 4.8; unaffected 0 - < 4.8; unaffected 4.19.320 - <= 4.19.*; unaffected 5.4.282 - <= 5.4.*; unaffected 5.10.224 - <= 5.10.*; +5 more versions |