-
CVE-2022-50135
- EPSS 0.03%
- Published 18.06.2025 11:02:59
- Last modified 18.06.2025 13:47:40
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved:
RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup
The function rxe_create_qp calls rxe_qp_from_init. If some error
occurs, the error handler of function rxe_qp_from_init will set
both scq and rcq to NULL.
Then rxe_create_qp calls rxe_put to handle qp. In the end,
rxe_qp_do_cleanup is called by rxe_put. rxe_qp_do_cleanup directly
accesses scq and rcq before checking them. This will cause
null-ptr-deref error.
The call graph is as below:
rxe_create_qp {
...
rxe_qp_from_init {
...
err1:
...
qp->rcq = NULL; <---rcq is set to NULL
qp->scq = NULL; <---scq is set to NULL
...
}
qp_init:
rxe_put{
...
rxe_qp_do_cleanup {
...
atomic_dec(&qp->scq->num_wq); <--- scq is accessed
...
atomic_dec(&qp->rcq->num_wq); <--- rcq is accessed
}
}Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
8598b9d0a364c1663c96fc0fab9df0d36c809aea
Version
4703b4f0d94a5f887297713a2f6c2916a1ef08fd
Status
affected
Version <
37da51efe6eaa0560f46803c8c436a48a2084da7
Version
4703b4f0d94a5f887297713a2f6c2916a1ef08fd
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
5.19
Status
affected
Version <
5.19
Version
0
Status
unaffected
Version <=
5.19.*
Version
5.19.2
Status
unaffected
Version <=
*
Version
6.0
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.059 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|