Описание
In the Linux kernel, the following vulnerability has been resolved:
RDMA/cma: Fix rdma_resolve_route() memory leak
Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id".
This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and allows rdma_resolve_route() to be called again.
In the Linux kernel, the following vulnerability has been resolved:
RDMA/cma: Fix rdma_resolve_route() memory leak
Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id".
This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and allows rdma_resolve_route() to be called again.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-47345
- https://git.kernel.org/stable/c/032c68b4f5be128a2167f35b558b7cec88fe4972
- https://git.kernel.org/stable/c/07583ba2e2d8947c3d365d97608cb436510885ac
- https://git.kernel.org/stable/c/3d08b5917984f737f32d5bee9737b9075c3895c6
- https://git.kernel.org/stable/c/40b613db3a95bc27998e4097d74c2f7e5d083a0b
- https://git.kernel.org/stable/c/4893c938f2a140a74be91779e45e4a7fa111198f
- https://git.kernel.org/stable/c/74f160ead74bfe5f2b38afb4fcf86189f9ff40c9
- https://git.kernel.org/stable/c/e2da8ce2a9543f3ca5c93369bd1fe6eeb572101a
- https://git.kernel.org/stable/c/e4e062da082a199357ba4911145f331d40139ad8
- https://git.kernel.org/stable/c/f4f553d67236145fa5fd203ed7b35b9377e19939
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix rdma_resolve_route() memory leak Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id". This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and allows rdma_resolve_route() to be called again.
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix rdma_resolve_route() memory leak Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id". This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and allows rdma_resolve_route() to be called again.
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix rdma_resolve_route() memory leak Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id". This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and allows rdma_resolve_route() to be called again.
In the Linux kernel, the following vulnerability has been resolved: R ...
Уязвимость функции cma_resolve_ib_route() модуля drivers/infiniband/core/cma.c - драйвера поддержки InfiniBand ядра операционной системы Linux, позволяющая нарушителю получить доступ к защищаемой информации