CVE - CVE-2021-47378

CVE-ID
CVE-2021-47378	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA connection establishment error flow, don't destroy qp in cm event handler.Just report cm_error to upper level, qp will be destroy in nvme_rdma_alloc_queue() after destroy cm id.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/9817d763dbe15327b9b3ff4404fa6f27f927e744 URL:https://git.kernel.org/stable/c/9817d763dbe15327b9b3ff4404fa6f27f927e744 MISC:https://git.kernel.org/stable/c/d268a182c56e8361e19fb781137411643312b994 URL:https://git.kernel.org/stable/c/d268a182c56e8361e19fb781137411643312b994 MISC:https://git.kernel.org/stable/c/ecf0dc5a904830c926a64feffd8e01141f89822f URL:https://git.kernel.org/stable/c/ecf0dc5a904830c926a64feffd8e01141f89822f
Assigning CNA
kernel.org
Date Record Created
20240521	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240521)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)