VDB

DEBIAN-CVE-2021-47001

DEBIAN-CVE-2021-47001 PUBLISHED CVSS 4.699999809265137 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd (and thus enabling more RPC Calls to be sent) /before/ rpcrdma_post_recvs() can post enough Receive WRs to receive their replies. This causes an RNR and the new connection is lost immediately. The race is most clearly exposed when KASAN and disconnect injection are enabled. This slows down rpcrdma_rep_create() enough to allow the send side to post a bunch of RPC Calls before the Receive completion handler can invoke ib_post_recv().

Risk Scores

CVSS 3.1
4.699999809265137
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:13linux0, 0, 0
Debian:11linux0, 0, 0
Debian:14linux0, 0, 0
Debian:12linux0, 0, 0

Timeline

  • Feb 28, 2024 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›