Description

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA connection establishment error flow, don't destroy qp in cm event handler.Just report cm_error to upper level, qp will be destroy in nvme_rdma_alloc_queue() after destroy cm id.

INFO

Published Date :

2024-05-21T15:03:41.038Z

Last Modified :

2025-12-18T11:37:15.720Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2021-47378 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Rhel Aus
  • Rhel E4s
  • Rhel Tus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-47378.

URL Resource
https://git.kernel.org/stable/c/9817d763dbe15327b9b3ff4404fa6f27f927e744 cve-icon cve-icon
https://git.kernel.org/stable/c/d268a182c56e8361e19fb781137411643312b994 cve-icon cve-icon
https://git.kernel.org/stable/c/ecf0dc5a904830c926a64feffd8e01141f89822f cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024052142-CVE-2021-47378-8e72@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-47378 cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-47378 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact