CVE-2022-50666

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s RDMA/siw implementation related to the destruction of Queue Pairs (QPs). The issue occurs because QP destruction completion is not delayed until all siw references to the QP are dropped, potentially leading to a use-after-free condition. This was observed during testing with xfstest generic/460 while testing NFSoRDMA, specifically after a TCP connection drop by a peer, where a delayed siw cm work handler referenced a QP that had already been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.