Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like the spin locks are not setup until rxe_qp_init_req(). If an error occures before this point then the unwind will call rxe_cleanup() and eventually to rxe_qp_do_cleanup()/rxe_cleanup_task() which will oops when trying to access the uninitialized spinlock. Move the spinlock initializations earlier before any failures.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.8, < 4.14.291 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/1a63f24e724f677db1ab21251f4d0011ae0bb5b5Patch
- https://git.kernel.org/stable/c/2ceeb04252e621c0b128ecc8fedbca922d11adbaPatch
- https://git.kernel.org/stable/c/3c838ca6fbdb173102780d7bdf18f2f7d9e30979Patch
- https://git.kernel.org/stable/c/3ef491b26c720a87fcfbd78b7dc8eb83d9753fe6Patch
- https://git.kernel.org/stable/c/b348e204a53103f51070513a7494da7c62ecbdaaPatch
- https://git.kernel.org/stable/c/db924bd8484c76558a4ac4c4b5aeb52e857f0341Patch
- https://git.kernel.org/stable/c/f05b7cf02123aaf99db78abfe638efefdbe15555Patch
- https://git.kernel.org/stable/c/fd5382c5805c4bcb50fd25b7246247d3f7114733Patch
FAQ
What is CVE-2022-50127?
CVE-2022-50127 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, inte...
How severe is CVE-2022-50127?
CVE-2022-50127 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-50127?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.