Linux · Linux Kernel · CVE-2021-47378
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to the nvme-rdma function in the Linux kernel, where the destruction of the cm id before the qp can lead to a use-after-free condition. This occurs when the RDMA connection establishment error flow destroys the qp in the cm event handler, potentially causing the cm event to be received after the qp has been destroyed. To avoid this, the cm id should be destroyed before the qp, and in case of an error, the cm error should be reported to the upper level, allowing the qp to be destroyed after the cm id.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.