CVE-2024-38545

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38545
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38545.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-38545
Downstream
Related
Published
2024-06-19T14:15:14Z
Modified
2025-08-09T19:01:27Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hns: Fix UAF for cq async event

The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF.

Use the xa_lock() to protect the CQ refcount.

References

Affected packages