Mustafa Ismail

**Name of the Vulnerable Software and Affected Versions** Intel(R) Ethernet Controller RDMA driver for linux versions prior to 1.9.30 **Description** The issue is related to improper access control in the Intel(R) Ethernet Controller RDMA driver for Linux. This may allow an unauthenticated user to potentially enable escalation of privilege via network access. The vulnerability can be exploited by a remote attacker to increase their privileges. **Recommendations** For versions prior to 1.9.30, update to version 1.9.30 or later to resolve the issue. As a temporary workaround, consider restricting network access to the RDMA driver until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A bug in the Linux kernel has been identified, specifically in the RDMA/irdma component. The issue arises when the qos mutex is taken to process RoCEv2 QP's on netdev events, resulting in a kernel splat. This occurs because the handling for RoCEv2 in irdma cm teardown connections uses the mutex, which is unnecessary for RoCEv2 and only required for iWARP. The error is indicated by a "sleeping function called from invalid context" message at kernel/locking/mutex, accompanied by a call trace. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.