Linux Kernel RDMA Mana Error Unwind Vulnerability in Queue Pair Creation

A vulnerability has been identified in the Linux kernel's RDMA Mana implementation, specifically within the function responsible for creating queue pairs with receive-side scaling. This issue arises because the function does not properly manage the cleanup of a certain configuration steering, leading to a resource leak. The vulnerability affects the stable version of the Linux kernel that includes the RDMA Mana driver for Microsoft Azure Network Adapter.

Impact

The vulnerability can cause a resource leak by failing to properly clean up configuration steering related to virtual ports, which could lead to increased resource usage or exhaustion.

Reproduction

The vulnerability can be reproduced by invoking the 'mana_ib_create_qp_rss' function within the RDMA Mana driver. This function will fail to properly disable receive processing for the associated virtual port if an error occurs, leaving the port in a potentially problematic state. The leaked configuration steering can be observed by monitoring the virtual port's receive handling after the function has been called and an error has occurred.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.