CVE-2022-50671
Description
In the Linux kernel, the following vulnerability has been resolved:
RDMA/rxe: Fix "kernel NULL pointer dereference" error
When rxe_queue_init in the function rxe_qp_init_req fails, both qp->req.task.func and qp->req.task.arg are not initialized.
Because of creation of qp fails, the function rxe_create_qp will call rxe_qp_do_cleanup to handle allocated resource.
Before calling __rxe_do_task, both qp->req.task.func and qp->req.task.arg should be checked.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NULL pointer dereference in Linux kernel RDMA/rxe when queue initialization fails, leading to potential crash.
Vulnerability
In the Linux kernel's RDMA/rxe driver, when rxe_queue_init fails during rxe_qp_init_req, the function rxe_qp_init_req does not initialize qp->req.task.func and qp->req.task.arg. This leaves these pointers uninitialized, causing a NULL pointer dereference when rxe_qp_do_cleanup is called during error handling of the failed QP creation [1].
Exploitation
An attacker with local access and the ability to trigger RDMA queue pair creation (e.g., via RDMA subsystem calls) could cause rxe_queue_init to fail, leading to the NULL pointer dereference. The vulnerability requires no special privileges beyond the ability to create queue pairs, and it is triggered during normal cleanup operations.
Impact
A successful exploit results in a kernel NULL pointer dereference, causing a system crash (denial of service). This could lead to a denial of service condition, as the kernel panics or hangs. There is no evidence of privilege escalation or remote exploitation.
Mitigation
The issue is resolved in Linux kernel stable releases with commits [1] and related backports. Users should update to the latest stable kernel version. No workaround is available, as the vulnerability is in the driver cleanup path.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3Patches
9cdce36a88defa625ca30eff848cd7098e717eca1196930109c5dd6993c790d773c58d702f2f405af70e6bb33fa65da773b8752f086ebVulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- git.kernel.org/stable/c/0d773c58d702f0a7c16ee8d69617fd2c28350795nvd
- git.kernel.org/stable/c/3b8752f086eb6865cc3662ad13249b03024501e5nvd
- git.kernel.org/stable/c/48cd7098e71735ccafa0b3cf27c53924f9cb5b2fnvd
- git.kernel.org/stable/c/9c5dd6993c794703e74c6ba17ac78ca0211ef940nvd
- git.kernel.org/stable/c/a625ca30eff806395175ebad3ac1399014bdb280nvd
- git.kernel.org/stable/c/bb33fa65da77f5f02dbee6f25cebaeedfcd70028nvd
- git.kernel.org/stable/c/cdce36a88def550773142a34ef727a830cad96a8nvd
- git.kernel.org/stable/c/eca119693010032d6cc6e7e9b4fb2c363c7e12cenvd
- git.kernel.org/stable/c/f2f405af70e6f0419e718d23fa304798a5405c41nvd
News mentions
0No linked articles in our index yet.