CVE-2024-42080

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 29, 2024
Updated: Jul 30, 2024
CWE ID 787

Summary

CVE-2024-42080 is a vulnerability affecting the Linux kernel. This issue involves the RDMA/restrack subsystem where a struct rdma_restrack_entry's kern_name was incorrectly set to KBUILD_MODNAME during ib_create_cq(). If the module exits without properly deleting this entry, it may result in an invalid address access during rdma_restrack_clean(), potentially causing instability or crashes. This code was initially intended to help locate forgotten PD releases but is now deemed unnecessary and should be removed.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share