In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup The Linux kernel CVE team has assigned CVE-2021-47616 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024061909-CVE-2021-47616-5ee0@gregkh/T
1-Comparing the code that fixes the patch, particularly the file /drivers/infiniband/sw/rxe/rxe_qp.c vs kernel-4.18.0.425.3.1 diff --git a/drivers/infiniband/sw/rxe/rxe_qp.c b/drivers/infiniband/sw/rxe/rxe_qp.c index 1ab6af7ddb2549..ed326d82725cd1 100644 --- a/drivers/infiniband/sw/rxe/rxe_qp.c +++ b/drivers/infiniband/sw/rxe/rxe_qp.c @@ -367,6 +367,7 @@ int rxe_qp_from_init(struct rxe_dev *rxe, struct rxe_qp *qp, struct rxe_pd *pd, err2: rxe_queue_cleanup(qp->sq.queue); + qp->sq.queue = NULL; err1: qp->pd = NULL; qp->rcq = NULL; The kernel-4.18.0.425.3.1 includes the patched lines. -------------------- 353 err2: 354 rxe_queue_cleanup(qp->sq.queue); 355 qp->sq.queue = NULL; 356 err1: -------------------- Based on the above, I can confirm that the kernel4.18.0-425.3.1 code has been patched, however I see that this was fixed in RHEL 8.7. https://access.redhat.com/security/cve/cve-2021-47616 Was this fixed in kernel4.18.0-425.3.1 or RHEL 8.7?