CVE-2024-47750

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-47750
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47750.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-47750
Downstream
Related
Published
2024-10-21T13:15:05Z
Modified
2025-08-09T20:01:28Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08

Currently rsvqp is freed before ibunregisterdevice() is called on HIP08. During the time interval, users can still dereg MR and rsvqp will be used in this process, leading to a UAF. Move the release of rsvqp after calling ibunregister_device() to fix it.

References

Affected packages