In the Linux kernel, the following vulnerability has been resolved:
RDMA/srpt: Do not register event handler until srpt device is fully setup
Upon rare occasions, KASAN reports a use-after-free Write
in srpt_refresh_port().
This seems to be because an event handler is registered before the
srpt device is fully setup and a race condition upon error may leave a
partially setup event handler in place.
Instead, only register the event handler after srpt device initialization
is complete.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-04-17T10:27:32.025Z
Updated: 2024-08-02T00:21:04.204Z
Reserved: 2024-02-19T14:20:24.184Z
Link: CVE-2024-26872
Vulnrichment
Updated: 2024-05-28T19:55:07.607Z
NVD
Status : Awaiting Analysis
Published: 2024-04-17T11:15:09.560
Modified: 2024-06-25T22:15:24.450
Link: CVE-2024-26872
Redhat