CVE-2024-50062

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-50062

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50062.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-50062

Downstream

BELL-CVE-2024-50062

DEBIAN-CVE-2024-50062

DLA-4008-1

OESA-2024-2491

OESA-2024-2492

OESA-2024-2493

OESA-2024-2494

SUSE-SU-2024:3984-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4315-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4376-1

SUSE-SU-2024:4387-1

openSUSE-SU-2024:14500-1

openSUSE-SU-2025:14705-1

Related

Published

2024-10-21T20:15:18Z

Modified

2025-08-09T19:01:26Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rtrs-srv: Avoid null pointer deref during path establishment

For RTRS path establishment, RTRS client initiates and completes connum of connections. After establishing all its connections, the information is exchanged between the client and server through the inforeq message. During this exchange, it is essential that all connections have been established, and the state of the RTRS srv path is CONNECTED.

So add these sanity checks, to make sure we detect and abort process in error scenarios to avoid null pointer deref.

References

Affected packages