In the Linux kernel, the following vulnerability has been...
Moderate severity
Unreviewed
Published
Mar 3, 2024
to the GitHub Advisory Database
•
Updated Dec 11, 2024
Description
Published by the National Vulnerability Database
Mar 2, 2024
Published to the GitHub Advisory Database
Mar 3, 2024
Last updated
Dec 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
RDMA/siw: Fix connection failure handling
In case immediate MPA request processing fails, the newly
created endpoint unlinks the listening endpoint and is
ready to be dropped. This special case was not handled
correctly by the code handling the later TCP socket close,
causing a NULL dereference crash in siw_cm_work_handler()
when dereferencing a NULL listener. We now also cancel
the useless MPA timeout, if immediate MPA request
processing fails.
This patch furthermore simplifies MPA processing in general:
Scheduling a useless TCP socket read in sk_data_ready() upcall
is now surpressed, if the socket is already moved out of
TCP_ESTABLISHED state.
References