In the Linux kernel, the following vulnerability has been resolved:
nvme-rdma: fix possible use-after-free in transport error_recovery work
While nvme_rdma_submit_async_event_work is checking the ctrl and queue
state before preparing the AER command and scheduling io_work, in order
to fully prevent a race where this check is not reliable the error
recovery work must flush async_event_work before continuing to destroy
the admin queue after setting the ctrl state to RESETTING such that
there is no race .submit_async_event and the error recovery handler
itself changing the ctrl state.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 07 Aug 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-416 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-07-16T11:43:45.213Z
Updated: 2024-09-11T17:34:16.058Z
Reserved: 2024-07-16T11:38:08.892Z
Link: CVE-2022-48788
Vulnrichment
Updated: 2024-09-11T12:42:21.680Z
NVD
Status : Analyzed
Published: 2024-07-16T12:15:03.703
Modified: 2024-08-07T19:48:51.780
Link: CVE-2022-48788
Redhat