CVE-2024-47695

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-47695
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47695.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-47695
Downstream
Related
Published
2024-10-21T11:53:33.266Z
Modified
2026-03-20T12:38:04.896116Z
Summary
RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds

In the function initconns(), after the createcon() and createcm() for loop if something fails. In the cleanup for loop after the destroy tag, we access out of bound memory because cid is set to cltpath->s.con_num.

This commits resets the cid to cltpath->s.connum - 1, to stay in bounds in the cleanup loop later.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47695.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6a98d71daea186247005099758af549e6afdd244
Fixed
0429a4e972082e3a2351da414b1c017daaf8aed2
Fixed
5ac73f8191f3de41fef4f934d84d97f3aadb301f
Fixed
01b9be936ee8839ab9f83a7e84ee02ac6c8303c4
Fixed
1c50e0265fa332c94a4a182e4efa0fc70d8fad94
Fixed
c8b7f3d9fada0d4b4b7db86bf7345cd61f1d972e
Fixed
3e4289b29e216a55d08a89e126bc0b37cbad9f38

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47695.json"