Linux · Linux Kernel · CVE-2022-48673
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 5.10.0-0607+ #23
**Description**
The Linux kernel has a vulnerability that allows possible access to freed memory in link clear. After modifying the QP to the Error state, all RX WR would be completed with WC in IB WC WR FLUSH ERR status. The current implementation does not wait for it to be done but destroys the QP and frees the link group directly, resulting in a risk of accessing freed memory in tasklet context.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.