Updated: 2022-10-25 20:38:37.278494
Description:
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 6.8 |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | CLSA-2022:1650377052 | 2022-05-04 13:10:42 |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2022:1644933991 | 2022-05-01 06:54:24 |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2022-06-01 08:36:40 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | 2023-09-19 14:13:51 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | CLSA-2022:1669850228 | 2022-11-30 19:52:06 |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 7.8 | HIGH | Released | CLSA-2022:1643637294 | 2022-01-31 11:44:07 |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Already Fixed | 2022-09-28 03:36:15 |