A double-free vulnerability in the Linux kernel RDMA subsystem could allow an attacker to trigger memory corruption and system crashes.

The vulnerability exists in the rxe_srq_from_init function due to improper handling of the queue pointer during initialization. This flaw can be triggered by an authenticated user with access to RDMA interfaces, leading to a double-free condition.

The potential for memory corruption in the kernel can lead to system-wide instability, data corruption, or arbitrary code execution. With a CVSS score of 7.8, this flaw poses a high risk to environments utilizing RDMA/RoCE, potentially affecting high-performance computing clusters and data center infrastructure.

Immediate Action: Apply the latest kernel security updates provided by your distribution vendor.

Proactive Monitoring: Review system logs for kernel panic events and memory allocation errors related to the RDMA subsystem.

Compensating Controls: If patching is delayed, restrict access to RDMA interfaces to trusted users and disable the rdma_rxe module if it is not required for production operations.

Public Exploit Available: false

Kernel vulnerabilities involving memory management are critical. We recommend immediate remediation through verified vendor patches to prevent potential local privilege escalation or denial-of-service attacks against your infrastructure.