CVE-2024-50062

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50062
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50062.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-50062
Downstream
Related
Published
2024-10-21T20:15:18Z
Modified
2025-08-09T19:01:26Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rtrs-srv: Avoid null pointer deref during path establishment

For RTRS path establishment, RTRS client initiates and completes connum of connections. After establishing all its connections, the information is exchanged between the client and server through the inforeq message. During this exchange, it is essential that all connections have been established, and the state of the RTRS srv path is CONNECTED.

So add these sanity checks, to make sure we detect and abort process in error scenarios to avoid null pointer deref.

References

Affected packages