CVE-2024-47695

HIGH EPSS 15.5%
Published Oct 21, 20241y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Oct 21, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds In the function init_conns(), after the create_con() and create_cm() for loop if something fails. In the cleanup for loop after the destroy tag, we access out of bound memory because cid is set to clt_path->s.con_num. This commits resets the cid to clt_path->s.con_num - 1, to stay in bounds in the cleanup loop later.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
15.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.8  –  <5.15.168
linuxlinux_kernel*≥5.16  –  <6.1.113
linuxlinux_kernel*≥6.2  –  <6.6.54
linuxlinux_kernel*≥6.7  –  <6.10.13
linuxlinux_kernel*≥6.11  –  <6.11.2

References 7

  • git.kernel.org https://git.kernel.org/stable/c/01b9be936ee8839ab9f83a7e84ee02ac6c8303c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0429a4e972082e3a2351da414b1c017daaf8aed2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1c50e0265fa332c94a4a182e4efa0fc70d8fad94
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3e4289b29e216a55d08a89e126bc0b37cbad9f38
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5ac73f8191f3de41fef4f934d84d97f3aadb301f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c8b7f3d9fada0d4b4b7db86bf7345cd61f1d972e
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/01b9be936ee8839ab9f83a7e84ee02ac6c8303c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0429a4e972082e3a2351da414b1c017daaf8aed2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1c50e0265fa332c94a4a182e4efa0fc70d8fad94
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3e4289b29e216a55d08a89e126bc0b37cbad9f38
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5ac73f8191f3de41fef4f934d84d97f3aadb301f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c8b7f3d9fada0d4b4b7db86bf7345cd61f1d972e
    Patch