CVE-2021-47391

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises from the RDMA/cma component in the Linux kernel, where the Finite State Machine (FSM) can enter a cycle, allowing rdma resolve ip() to be called twice on the same id priv. This violates the invariant that the same address resolution background request cannot be active twice. The problem occurs because rdma addr cancel() only cancels the first request on the list, while the second request remains active and can lead to a use-after-free error on id priv. The fix involves remembering if id priv has called rdma resolve ip() and always canceling before calling it again, ensuring the request list never has more than one item.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.