drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory Corruption
Linux
Denial Of Service
Use After Free
Linux Kernel
+2
NVD
GitHub
CVSS 3.0
7.8
EPSS
0.6%