PT-2021-8195 · Linux+2 · Linux Kernel+2

Ruozhu Li

·

Published

2021-09-14

·

Updated

2025-01-27

·

CVE-2021-47378

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the nvme-rdma function in the Linux kernel, where the destruction of the cm id before the qp can lead to a use-after-free condition. This occurs when the RDMA connection establishment error flow destroys the qp in the cm event handler, potentially causing the cm event to be received after the qp has been destroyed. To avoid this, the cm id should be destroyed before the qp, and in case of an error, the cm error should be reported to the upper level, allowing the qp to be destroyed after the cm id.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2024-10597
CVE-2021-47378
OPENSUSE-SU-2024_2185-1
OPENSUSE-SU-2024_2189-1
OPENSUSE-SU-2024_3651-1
OPENSUSE-SU-2024_3652-1
OPENSUSE-SU-2024_3685-1
OPENSUSE-SU-2024_3798-1
OPENSUSE-SU-2024_3814-1
OPENSUSE-SU-2024_3854-1
OPENSUSE-SU-2024_4180-1
OPENSUSE-SU-2024_4256-1
OPENSUSE-SU-2024_4264-1
OPENSUSE-SU-2025_0101-1
OPENSUSE-SU-2025_0106-1
OPENSUSE-SU-2025_0137-1
OPENSUSE-SU-2025_0238-1
OPENSUSE-SU-2025_0240-1
OPENSUSE-SU-2025_0244-1
RHSA-2022:7683
RHSA-2022:8267
RHSA-2024:6297
SUSE-SU-2024:1979-1
SUSE-SU-2024:1983-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2010-1
SUSE-SU-2024:2011-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2183-1
SUSE-SU-2024:2184-1
SUSE-SU-2024:2185-1
SUSE-SU-2024:2189-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:3014-1
SUSE-SU-2024:3015-1
SUSE-SU-2024:3021-1
SUSE-SU-2024:3023-1
SUSE-SU-2024:3027-1
SUSE-SU-2024:3030-1
SUSE-SU-2024:3034-1
SUSE-SU-2024:3037-1
SUSE-SU-2024:3039-1
SUSE-SU-2024:3040-1
SUSE-SU-2024:3041-1
SUSE-SU-2024:3043-1
SUSE-SU-2024:3044-1
SUSE-SU-2024:3048-1
SUSE-SU-2024:3642-1
SUSE-SU-2024:3649-1
SUSE-SU-2024:3651-1
SUSE-SU-2024:3652-1
SUSE-SU-2024:3662-1
SUSE-SU-2024:3663-1
SUSE-SU-2024:3685-1
SUSE-SU-2024:3796-1
SUSE-SU-2024:3798-1
SUSE-SU-2024:3803-1
SUSE-SU-2024:3814-1
SUSE-SU-2024:3820-1
SUSE-SU-2024:3821-1
SUSE-SU-2024:3849-1
SUSE-SU-2024:3854-1
SUSE-SU-2024:4180-1
SUSE-SU-2024:4226-1
SUSE-SU-2024:4242-1
SUSE-SU-2024:4249-1
SUSE-SU-2024:4250-1
SUSE-SU-2024:4256-1
SUSE-SU-2024:4263-1
SUSE-SU-2024:4264-1
SUSE-SU-2025:0091-1
SUSE-SU-2025:0101-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0106-1
SUSE-SU-2025:0137-1
SUSE-SU-2025:0238-1
SUSE-SU-2025:0240-1
SUSE-SU-2025:0244-1

Affected Products

Astra Linux
Linux Kernel
Suse