Linux Kernel RDMA/hfi1 Lock Initialization Vulnerability

Vulnerability

A vulnerability in the Linux kernel's RDMA/hfi1 component can lead to the use of an uninitialized lock. This issue arises if the probing of hfi1 fails before the sdma_map_lock is initialized. Consequently, the hfi1_free_devdata() function may attempt to use this uninitialized lock. When the locking correctness validator is active, this can trigger an INFO message along with a stack trace indicating a registration issue with a non-static key. The sdma_map_lock is intended for managing sdma_map memory, which is not allocated until after the lock is initialized. To avoid this vulnerability, the code should check if sdma_map is not NULL before attempting to use the lock.

Impact

Exploitation of this vulnerability can lead to improper locking behavior, potentially causing synchronization issues in the RDMA/hfi1 component.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RDMA/hfi1 Lock Initialization Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating