CVE-2022-50137

HIGH

Linux Kernel 5.14-5.14, 5.16-5.18.18, 5.19-5.19.2 - Use-After-Free in RDMA/irdma CQ Processing

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are freed by irdma_cq_free_rsrc(). Fix this by moving the call to irdma_cq_free_rsrc() after the irdma_sc_cleanup_ceqes(), which is called under the cq_lock.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/92520864ef9f912f38b403d172a0ded020683d55

Patch

https://git.kernel.org/stable/c/0abf2eef80295923b819ce89ff9edc1fe61be17c

Patch

https://git.kernel.org/stable/c/350ac793a03c8a30a3f2b27fc282cd1c67070763

Patch

https://git.kernel.org/stable/c/8ecef7890b3aea78c8bbb501a4b5b8134367b821

Scores

CVSS v3 7.8

EPSS 0.0021

EPSS Percentile 10.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-416

Status published

Products (14)

linux/Kernel 5.14.0 - 5.15.61linux

linux/Kernel 5.16.0 - 5.18.18linux

linux/Kernel 5.19.0 - 5.19.2linux

Linux/Linux < 5.14

Linux/Linux 5.14

Linux/Linux 5.15.61 - 5.15.*

Linux/Linux 5.18.18 - 5.18.*

Linux/Linux 5.19.2 - 5.19.*

Linux/Linux 6.0

Linux/Linux b48c24c2d710cf34810c555dcef883a3d35a9c08 - 0abf2eef80295923b819ce89ff9edc1fe61be17c

... and 4 more

Published Jun 18, 2025

Tracked Since Feb 18, 2026