PT-2024-7587 · Linux+6 · Linux Kernel+6

Published

2024-09-10

·

Updated

2025-09-29

·

CVE-2024-47750

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58
Description A Use-After-Free vulnerability has been identified in the Linux kernel, specifically in the RDMA/hns component on HIP08. The issue arises when rsv qp is freed before ib unregister device() is called, allowing users to still deregister MR and use rsv qp in this process, leading to a Use-After-Free. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider restricting access to the RDMA/hns component on HIP08 until a patch is available. Avoid using the rsv qp variable in the affected process until the issue is resolved.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-14046
ALT-PU-2024-14268
AZL-50948
BDU:2024-08993
CVE-2024-47750
DLA-4008-1
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2522
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu