CVE-2022-50736
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 24/12/2025
Last modified: 24/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

RDMA/siw: Fix immediate work request flush to completion queue

Correctly set send queue element opcode during immediate work request
flushing in post sendqueue operation, if the QP is in ERROR state.
An undefined opcode value results in out-of-bounds access to an array
for mapping the opcode between siw internal and RDMA core representation
in work completion generation. It resulted in a KASAN BUG report
of type 'global-out-of-bounds' during NFSoRDMA testing.

This patch further fixes a potential case of a malicious user which may
write undefined values for completion queue elements status or opcode,
if the CQ is memory mapped to user land. It avoids the same out-of-bounds
access to arrays for status and opcode mapping as described above.
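
The bug class described above, as an added example that is not the kernel's siw code: a user-space C model in which a completion queue element's opcode and status are range-checked before they index the mapping tables. All enum names, numeric values and function names here are hypothetical, and the sample inputs are constructed.

```c
#include <stdint.h>

/* Hypothetical internal opcode/status values, not siw's real enums. */
enum prov_opcode { PROV_OP_WRITE, PROV_OP_READ, PROV_OP_SEND, PROV_NUM_OPCODES };
enum prov_status { PROV_WC_SUCCESS, PROV_WC_LOC_LEN_ERR, PROV_WC_GENERAL_ERR,
                   PROV_NUM_STATUS };
/* Hypothetical values of the core-facing representation. */
enum core_opcode { CORE_WC_SEND = 100, CORE_WC_RDMA_WRITE, CORE_WC_RDMA_READ };
enum core_status { CORE_WC_SUCCESS = 200, CORE_WC_LOC_LEN_ERR, CORE_WC_GENERAL_ERR };

static const int opcode_map[PROV_NUM_OPCODES] = {
    [PROV_OP_WRITE] = CORE_WC_RDMA_WRITE,
    [PROV_OP_READ]  = CORE_WC_RDMA_READ,
    [PROV_OP_SEND]  = CORE_WC_SEND,
};
static const int status_map[PROV_NUM_STATUS] = {
    [PROV_WC_SUCCESS]     = CORE_WC_SUCCESS,
    [PROV_WC_LOC_LEN_ERR] = CORE_WC_LOC_LEN_ERR,
    [PROV_WC_GENERAL_ERR] = CORE_WC_GENERAL_ERR,
};

/* CQE fields as they sit in memory that user space may be able to write. */
struct cqe { volatile uint8_t opcode, status; };
struct wc  { int opcode, status; };

/* Translate one CQE; both table indices are range-checked before use. */
struct wc reap_cqe(const struct cqe *cqe)
{
    /* Read each field once so a concurrent writer cannot change it after the check. */
    uint8_t opcode = cqe->opcode, status = cqe->status;

    if (opcode >= PROV_NUM_OPCODES) {        /* undefined opcode: report an error */
        opcode = PROV_OP_WRITE;
        status = PROV_WC_GENERAL_ERR;
    } else if (status >= PROV_NUM_STATUS) {  /* undefined status */
        status = PROV_WC_GENERAL_ERR;
    }
    return (struct wc){ opcode_map[opcode], status_map[status] };
}

/* Helper for constructed inputs: build a CQE from raw bytes and translate it. */
struct wc reap_raw(uint8_t opcode, uint8_t status)
{
    struct cqe c = { opcode, status };
    return reap_cqe(&c);
}

/* Constructed out-of-range CQE: exit status 0 means it was mapped to an error. */
int main(void) { return reap_raw(0xff, 0x7f).status == CORE_WC_GENERAL_ERR ? 0 : 1; }
```

Without the two range checks, the constructed CQE in `main` would index both tables far past their last element, which is the kind of access KASAN reports as 'global-out-of-bounds'.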
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/355d2eca68c10d713a42f68e62044b3d1c300471
- https://git.kernel.org/stable/c/6af043089d3f1210776d19b6fdabea610d4c7699
- https://git.kernel.org/stable/c/75af03fdf35acf15a3977f7115f6b8d10dff4bc7
- https://git.kernel.org/stable/c/bdf1da5df9da680589a7f74448dd0a94dd3e1446
- https://git.kernel.org/stable/c/f3d26a8589dfdeff328779b511f71fb90b10005e
- https://git.kernel.org/stable/c/f8d8fbd3b6d6cc3f25790cca5cffe8ded512fef6



