CVE-2021-47026

Summary

CVE-2021-47026 is a vulnerability in the Linux kernel's RDMA/rtrs-clt component. This issue arises due to a sequence issue in the rtrs_clt_remove_path_from_sysfs function. When a session is removed dynamically via the sysfs interface, the function first removes the sysfs interfaces and frees the session statistics object. However, it then removes the session from the active list. Consequently, some functions may try to access a non-connected session and the freed session statistics object, leading to a use-after-free issue. Functions such as rtrs_clt_request and get_next_path_min_inflight check the session status before accessing it but can still be affected if they fail to catch the status change during the session removal. The patch resolves this by changing the order of operations in rtrs_clt_remove_path_from_sysfs, ensuring that the session is removed from the active list before the sysfs interfaces are destroyed. Nonetheless, each function must still verify the session status before attempting to access it.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.