Linux Kernel RDMA/rxe Incomplete State Save Vulnerability in Requester Function

A vulnerability exists in the Linux kernel's RDMA/rxe implementation, specifically within the requester function of the RXE (Reliable eXchange) protocol. The issue arises when a send packet is dropped by the IP layer, causing the transmission function to fail. While the state of the work queue entry (WQE) is supposed to be restored for retransmission, the current state-saving routines overlook a critical component—the DMA (Direct Memory Access) structure. This omission is problematic because the DMA structure is essential for processing the scatter-gather (SGE) table. The vulnerability can lead to corruption of resent packets, particularly under heavy stress testing scenarios where fast nodes send large messages to slower nodes, causing packet drops. The vulnerability affects several versions of the Linux kernel.