CVE-2024-26872

RDMA/srpt: Do not register event handler until srpt device is fully setup

References

https://cve.org/CVERecord/?id=CVE-2024-26872

Notes

 carnil> Introduced in a42d985bd5b2 ("ib_srpt: Initial SRP Target merge for v3.3-rc1").
 carnil> Vulnerable versions: 3.3-rc1.

Bugs

Status

Branch	Status
4.19-buster-security	needed
4.19-upstream-stable	needed
5.10-bullseye-security	released (5.10.216-1)
5.10-upstream-stable	released (5.10.214) [bdd895e0190c464f54f84579e7535d80276f0fc5]
6.1-bookworm-security	released (6.1.85-1)
6.1-upstream-stable	released (6.1.83) [e362d007294955a4fb929e1c8978154a64efdcb6]
6.6-upstream-stable	released (6.6.23) [85570b91e4820a0db9d9432098778cafafa7d217]
6.8-upstream-stable	released (6.8.2) [ec77fa12da41260c6bf9e060b89234b980c5130f]
sid	released (6.7.12-1)
upstream	released (6.9-rc1) [c21a8870c98611e8f892511825c9607f1e2cd456]