Linux Kernel RDMA/SIW Slab Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability in the Linux kernel's RDMA/SIW component has been addressed. The issue arose from a poorly managed direct link to net_device, which caused a 'KASAN: slab-use-after-free' exception during the siw_query_port() call. The vulnerability has been resolved by removing the direct link and relying on the net_device management of associated ib_devices, thereby eliminating redundant local management.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, potentially allowing for arbitrary code execution or memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RDMA/SIW Slab Use-After-Free Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating