Updated: 2025-08-20 02:28:32.43353
Description:
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 6.8 |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | CLSA-2022:1650377052 | 2022-05-04 13:10:42 | |
| CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Not Vulnerable | 2023-11-03 14:07:50 | ||
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Already Fixed | CLSA-2022:1644933991 | 2025-10-24 07:26:49 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Already Fixed | 2023-10-30 11:22:00 | ||
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | 2023-09-19 14:13:51 | ||
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | CLSA-2022:1669850228 | 2022-11-30 19:52:06 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Already Fixed | 2022-09-28 03:36:15 | ||
| Ubuntu 16.04 ELS | linux | 4.4.0 | 7.8 | HIGH | Released | CLSA-2022:1643637294 | 2022-01-31 11:44:07 |