CVE-2022-50129

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-50129
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50129.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-50129
Related
Published
2025-06-18T11:15:42Z
Modified
2025-06-18T16:48:33.841698Z
Downstream
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/srpt: Fix a use-after-free

Change the LIO port members inside struct srptport from regular members into pointers. Allocate the LIO port data structures from inside srptmaketport() and free these from inside srptmaketport(). Keep struct srptdevice as long as either an RDMA port or a LIO target port is associated with it. This patch decouples the lifetime of struct srptport (controlled by the RDMA core) and struct srptport_id (controlled by LIO). This patch fixes the following KASAN complaint:

BUG: KASAN: use-after-free in srptenabletpg+0x31/0x70 [ib_srpt] Read of size 8 at addr ffff888141cc34b8 by task check/5093

Call Trace: <TASK> showstack+0x4e/0x53 dumpstacklvl+0x51/0x66 printaddressdescription.constprop.0.cold+0xea/0x41e printreport.cold+0x90/0x205 kasanreport+0xb9/0xf0 _asanload8+0x69/0x90 srptenabletpg+0x31/0x70 [ibsrpt] targetfabrictpgbaseenablestore+0xe2/0x140 [targetcoremod] configfswriteiter+0x18b/0x210 newsyncwrite+0x1f2/0x2f0 vfswrite+0x3e3/0x540 ksyswrite+0xbb/0x140 _x64syswrite+0x42/0x50 dosyscall64+0x34/0x80 entrySYSCALL64afterhwframe+0x46/0xb0 </TASK>

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.140-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.2-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.2-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}