CVE-2022-50127

medium

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like the spin locks are not setup until rxe_qp_init_req(). If an error occures before this point then the unwind will call rxe_cleanup() and eventually to rxe_qp_do_cleanup()/rxe_cleanup_task() which will oops when trying to access the uninitialized spinlock. Move the spinlock initializations earlier before any failures.

References

https://git.kernel.org/stable/c/fd5382c5805c4bcb50fd25b7246247d3f7114733

https://git.kernel.org/stable/c/f05b7cf02123aaf99db78abfe638efefdbe15555

https://git.kernel.org/stable/c/db924bd8484c76558a4ac4c4b5aeb52e857f0341

https://git.kernel.org/stable/c/b348e204a53103f51070513a7494da7c62ecbdaa

https://git.kernel.org/stable/c/3ef491b26c720a87fcfbd78b7dc8eb83d9753fe6

https://git.kernel.org/stable/c/3c838ca6fbdb173102780d7bdf18f2f7d9e30979

https://git.kernel.org/stable/c/2ceeb04252e621c0b128ecc8fedbca922d11adba

https://git.kernel.org/stable/c/1a63f24e724f677db1ab21251f4d0011ae0bb5b5

Details

Source: Mitre, NVD

Published: 2025-06-18

Updated: 2025-06-18

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024