CVE-2022-50666
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-09
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's RDMA subsystem, specifically in the siw (SoftiWARP) driver. It occurs because the destruction of a Queue Pair (QP) does not wait for all references to the QP to be released. As a result, after a TCP connection drop, a delayed handler may reference a QP that has already been freed, leading to potential memory corruption or crashes.
How can this vulnerability impact me? :
The vulnerability can lead to use-after-free conditions causing memory corruption, system instability, or crashes in systems using the affected RDMA siw driver. This can affect the reliability and security of systems relying on RDMA over TCP connections, potentially leading to denial of service or other unintended behaviors.