Bugzilla – Bug 1193167
VUL-0: CVE-2021-4028: kernel-source,kernel-source-rt,kernel-source-azure: kernel: use-after-free in RDMA listen()
Last modified: 2022-04-25 16:23:26 UTC
rh#2027201 A flaw in the Linux kernels implementation of RDMA communications manager listener code allowed an attacker with local access to setup socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa740d782fbf936aaeebd65e5c2921d Vulnerable commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=732d41c545bb References: https://bugzilla.redhat.com/show_bug.cgi?id=2027201 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4028
The commit introducing the bug is contained on the following branches: - stable - SLE15-SP3 - SLE15-SP4 These branches also contain the fixing commit (fix introduced by bsc#1181147). I think none of the branches are affected.
(In reply to Thomas Leroy from comment #1) > The commit introducing the bug is contained on the following branches: > - stable > - SLE15-SP3 > - SLE15-SP4 > > These branches also contain the fixing commit (fix introduced by > bsc#1181147). I think none of the branches are affected. added CVE number to SLE15-SP3 SLE15-SP4 all other branches are not affected.
Thanks Thomas for confirming it. Closing since we are not affected.
I cannot see the CVE reference (at least) in SLE15-SP3 log. Was it forgotten or am I missing something? People asked why there is a live patch available but no kernel patch.
reopen to clarify
No idea why/how I missed SLE15-SP3. I've pushed an update to my for-next branch
CVE reference is now present