CVE-2022-50543

EPSS -
Veröffentlicht 07.10.2025 15:21:07
Zuletzt bearbeitet 07.10.2025 16:15:38
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Fix mr->map double free

rxe_mr_cleanup() which tries to free mr->map again will be called when
rxe_mr_init_user() fails:

   CPU: 0 PID: 4917 Comm: rdma_flush_serv Kdump: loaded Not tainted 6.1.0-rc1-roce-flush+ #25
   Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
   Call Trace:
    <TASK>
    dump_stack_lvl+0x45/0x5d
    panic+0x19e/0x349
    end_report.part.0+0x54/0x7c
    kasan_report.cold+0xa/0xf
    rxe_mr_cleanup+0x9d/0xf0 [rdma_rxe]
    __rxe_cleanup+0x10a/0x1e0 [rdma_rxe]
    rxe_reg_user_mr+0xb7/0xd0 [rdma_rxe]
    ib_uverbs_reg_mr+0x26a/0x480 [ib_uverbs]
    ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x1a2/0x250 [ib_uverbs]
    ib_uverbs_cmd_verbs+0x1397/0x15a0 [ib_uverbs]

This issue was firstly exposed since commit b18c7da63fcb ("RDMA/rxe: Fix
memory leak in error path code") and then we fixed it in commit
8ff5f5d9d8cf ("RDMA/rxe: Prevent double freeing rxe_map_set()") but this
fix was reverted together at last by commit 1e75550648da (Revert
"RDMA/rxe: Create duplicate mapping tables for FMRs")

Simply let rxe_mr_cleanup() always handle freeing the mr->map once it is
successfully allocated.

Betroffene Produkte Warnungen 0 Metriken 0 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 6ce577f09013206e36e674cd27da3707b2278268

Version 1e75550648da1fa1cd1969e7597355de8fe8caf6

Status affected

Version < 06f73568f553b5be6ba7f6fe274d333ea29fc46d

Version 1e75550648da1fa1cd1969e7597355de8fe8caf6

Status affected

Version < 7d984dac8f6bf4ebd3398af82b357e1d181ecaac

Version 1e75550648da1fa1cd1969e7597355de8fe8caf6

Status affected

Version e004a35e8148ad9fc438b0479884641acf382896

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.0

Status affected

Version < 6.0

Version 0

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/6ce577f09013206e36e674cd27da3707b2278268

https://git.kernel.org/stable/c/06f73568f553b5be6ba7f6fe274d333ea29fc46d

https://git.kernel.org/stable/c/7d984dac8f6bf4ebd3398af82b357e1d181ecaac

https://nvd.nist.gov/vuln/detail/CVE-2022-50543

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50543

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50543

EUVD