What the vulnerability does

01Description

An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().

Key dates

02Disclosure timeline

December 14, 2022 CVE published
April 22, 2025 Record updated