7.8
CVE-2025-22088
- EPSS 0.18%
- Veröffentlicht 16.04.2025 14:12:41
- Zuletzt bearbeitet 03.11.2025 20:17:43
- CVE-Watchlists
- Unerledigt
RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.0 < 6.1.134
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.87
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.23
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.11
Linux ≫ Linux Kernel Version >= 6.14 < 6.14.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.078 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/bc1db4d8f1b0dc480d7d745a60a8cc94ce2badd4
https://git.kernel.org/stable/c/667a628ab67d359166799fad89b3c6909599558a
https://git.kernel.org/stable/c/a114d25d584c14019d31dbf2163780c47415a187
https://git.kernel.org/stable/c/78411a133312ce7d8a3239c76a8fd85bca1cc10f
https://git.kernel.org/stable/c/7aa6bb5276d9fec98deb05615a086eeb893854ad
https://git.kernel.org/stable/c/83437689249e6a17b25e27712fbee292e42e7855
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html