CVE-2024-26872: RDMA/srpt: Do not register event handler until srpt device is fully setup
In the Linux kernel, the following vulnerability has been resolved:
RDMA/srpt: Do not register event handler until srpt device is fully setup
The Linux kernel CVE team has assigned CVE-2024-26872 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26872-2d38@gregkh/T
Other sources
In the Linux kernel, the following vulnerability has been resolved:
RDMA/srpt: Do not register event handler until srpt device is fully setup
Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport().
This seems to be because an event handler is registered before the srpt device is fully setup and a race condition upon error may leave a partially setup event handler in place.
Instead, only register the event handler after srpt device initialization is complete.
— NVD
Linux Kernel is vulnerable to a denial of service, caused by an error related to registering event handler when srpt device is not fully setup. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2024-26872?
CVE-2024-26872 is classified as a medium severity vulnerability in the Linux kernel.
How do I fix CVE-2024-26872?
To mitigate CVE-2024-26872, upgrade to a patched version of the Linux kernel such as 5.10.214 or higher.
What versions of the Linux kernel are affected by CVE-2024-26872?
CVE-2024-26872 affects several versions, including those prior to 5.10.214, 5.15.153, 6.1.83, 6.6.23, and other specified versions.
Can CVE-2024-26872 be exploited remotely?
Yes, CVE-2024-26872 could potentially be exploited by an attacker with remote access to the affected systems.
Is there a patch available for CVE-2024-26872?
Yes, patches are available in the form of updated kernel packages from vendors such as Red Hat and Debian.