PT-2024-28066 · Linux+8 · Linux Kernel+8
Sherry Yang
·
Published
2024-03-29
·
Updated
2025-10-20
·
CVE-2024-38544
CVSS v3.1
6.3
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to the RDMA/rxe component in the Linux kernel. In the
rxe comp queue pkt() function, an incoming response packet skb is enqueued to the resp pkts queue, and then a decision is made whether to run the completer task inline or schedule it. The skb is then dereferenced to bump a 'hw' performance counter. However, if the completer task is already running in a separate thread, it may have already processed the skb and freed it, which can cause a seg fault. This has been observed infrequently in testing at high scale. The patch fixes this by changing the order of enqueuing the packet until after the counter is accessed.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use After Free
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu