{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-49929","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-05-01T14:05:17.254Z","datePublished":"2025-05-01T14:11:06.721Z","dateUpdated":"2026-05-11T19:09:26.681Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:09:26.681Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix mr leak in RESPST_ERR_RNR\n\nrxe_recheck_mr() will increase mr's ref_cnt, so we should call rxe_put(mr)\nto drop mr's ref_cnt in RESPST_ERR_RNR to avoid below warning:\n\n  WARNING: CPU: 0 PID: 4156 at drivers/infiniband/sw/rxe/rxe_pool.c:259 __rxe_cleanup+0x1df/0x240 [rdma_rxe]\n...\n  Call Trace:\n   rxe_dereg_mr+0x4c/0x60 [rdma_rxe]\n   ib_dereg_mr_user+0xa8/0x200 [ib_core]\n   ib_mr_pool_destroy+0x77/0xb0 [ib_core]\n   nvme_rdma_destroy_queue_ib+0x89/0x240 [nvme_rdma]\n   nvme_rdma_free_queue+0x40/0x50 [nvme_rdma]\n   nvme_rdma_teardown_io_queues.part.0+0xc3/0x120 [nvme_rdma]\n   nvme_rdma_error_recovery_work+0x4d/0xf0 [nvme_rdma]\n   process_one_work+0x582/0xa40\n   ? pwq_dec_nr_in_flight+0x100/0x100\n   ? rwlock_bug.part.0+0x60/0x60\n   worker_thread+0x2a9/0x700\n   ? process_one_work+0xa40/0xa40\n   kthread+0x168/0x1a0\n   ? kthread_complete_and_exit+0x20/0x20\n   ret_from_fork+0x22/0x30"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/infiniband/sw/rxe/rxe_resp.c"],"versions":[{"version":"8a1a0be894da0d06bfbb496cc2dc3057fa83e103","lessThan":"50b35ad2864a9d66f802f9ce193d99bbef64e219","status":"affected","versionType":"git"},{"version":"8a1a0be894da0d06bfbb496cc2dc3057fa83e103","lessThan":"b5f9a01fae42684648c2ee3cd9985f80c67ab9f7","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/infiniband/sw/rxe/rxe_resp.c"],"versions":[{"version":"5.18","status":"affected"},{"version":"0","lessThan":"5.18","status":"unaffected","versionType":"semver"},{"version":"6.0.8","lessThanOrEqual":"6.0.*","status":"unaffected","versionType":"semver"},{"version":"6.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.0.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/50b35ad2864a9d66f802f9ce193d99bbef64e219"},{"url":"https://git.kernel.org/stable/c/b5f9a01fae42684648c2ee3cd9985f80c67ab9f7"}],"title":"RDMA/rxe: Fix mr leak in RESPST_ERR_RNR","x_generator":{"engine":"bippy-1.2.0"}}}}