CVE-2024-38545
Severity CVSS v4.0:
Pending analysis
Type:
CWE-416
Use After Free
Publication date:
19/06/2024
Last modified:
23/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
RDMA/hns: Fix UAF for cq async event<br />
<br />
The refcount of CQ is not protected by locks. When CQ asynchronous<br />
events and CQ destruction are concurrent, CQ may have been released,<br />
which will cause UAF.<br />
<br />
Use the xa_lock() to protect the CQ refcount.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.9 (including) | 5.15.168 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.93 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.33 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.9 (including) | 6.9.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/330c825e66ef65278e4ebe57fd49c1d6f3f4e34e
- https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507
- https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911
- https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08
- https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf
- https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42
- https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507
- https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911
- https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08
- https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf
- https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42