CVE-2024-47750

7.8 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's RDMA subsystem for Huawei HIP08 hardware. Attackers could potentially exploit this to crash the system or execute arbitrary code with kernel privileges. Systems using RDMA on Huawei HIP08 hardware with affected kernel versions are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with RDMA/hns driver for Huawei HIP08 hardware
Versions: Specific kernel versions containing the vulnerable code (check git commits for exact ranges)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using RDMA on Huawei HIP08 hardware. Systems without RDMA or using different hardware are not vulnerable.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash or potential arbitrary code execution with kernel privileges, resulting in complete system compromise.

🟠 Likely Case

System crash or kernel panic causing denial of service, requiring system reboot to restore functionality.

🟢 If Mitigated

Limited impact if RDMA is not used or if proper access controls prevent unauthorized users from accessing RDMA interfaces.

🌐 Internet-Facing: LOW - RDMA interfaces are typically not exposed to the internet and require local network access.
🏢 Internal Only: MEDIUM - Requires local network access to RDMA interfaces, but could be exploited by malicious insiders or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires access to RDMA interfaces and knowledge of the specific timing window during device deregistration.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the fix commits (2ccf1c75d39949d8ea043d04a2e92d7100ea723d and related)

Vendor Advisory: https://git.kernel.org/stable/c/2ccf1c75d39949d8ea043d04a2e92d7100ea723d

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits.
2. Reboot the system to load the new kernel.
3. Verify the fix is applied by checking kernel version or examining the specific driver code.

🔧 Temporary Workarounds

Disable RDMA on HIP08 hardware

linux

Prevent use of the vulnerable RDMA subsystem on affected hardware

modprobe -r hns_roce_hw_v2
modprobe -r hns_roce

Restrict RDMA access

linux

Use firewall rules to restrict access to RDMA ports

iptables -A INPUT -p tcp --dport 7471 -j DROP
iptables -A INPUT -p udp --dport 7471 -j DROP

🧯 If You Can't Patch

  • Disable RDMA functionality on HIP08 hardware if not required
  • Implement strict network segmentation to isolate RDMA traffic and limit potential attack surface

🔍 How to Verify

Check if Vulnerable:

Check if RDMA is enabled on HIP08 hardware and verify kernel version against affected ranges

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or test RDMA functionality after patch application

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages related to RDMA or hns driver
  • System crashes during RDMA operations
  • Unexpected memory access errors in kernel logs

Network Indicators:

  • Unusual RDMA traffic patterns
  • Multiple connection attempts to RDMA ports

SIEM Query:

source="kernel" AND ("panic" OR "oops") AND ("RDMA" OR "hns" OR "HIP08")
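
The exposure check from "How to Verify" and the log match above, as an added shell example that is not part of the original advisory. The module names and match terms come from this page; the function names, the 30-line window and the sample files are constructed assumptions.

```shell
#!/bin/sh
# Added triage sketch, not part of the advisory. Module names and match terms
# come from the page; sample files below are constructed for illustration.

# List hns RoCE modules found in a /proc/modules-format file.
# Exit status 0 if any is loaded, 1 if none.
hns_modules_loaded() {
    awk '$1 == "hns_roce" || $1 == "hns_roce_hw_v2" { print $1; found = 1 }
         END { exit !found }' "${1:-/proc/modules}"
}

# Count crash reports matching ("panic" OR "oops") AND ("RDMA" OR "hns" OR
# "HIP08"). A kernel oops spans many lines, so the driver term may appear up
# to $2 lines (default 30) after the panic/oops line. Note that "hns" also
# matches the hns3 Ethernet driver, as the page's query does.
hns_crash_hits() {
    awk -v window="${2:-30}" '
        { line = tolower($0) }
        line ~ /panic|oops/ { left = window + 0 }
        left > 0 {
            if (line ~ /rdma|hns|hip08/) { hits++; left = 0 } else left--
        }
        END { print hits + 0 }' "$1"
}

# Constructed sample data.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/modules" <<'EOF'
hns_roce_hw_v2 118784 0 - Live 0x0000000000000000
ib_core 409600 1 hns_roce_hw_v2, Live 0x0000000000000000
EOF
cat > "$SAMPLE_DIR/modules_clean" <<'EOF'
ib_core 409600 1 mlx5_ib, Live 0x0000000000000000
EOF
cat > "$SAMPLE_DIR/kern.log" <<'EOF'
kernel: hns3 0000:7d:00.0 eth0: link is up
kernel: Internal error: Oops: 0000000096000004 [#1] SMP
kernel: Modules linked in: hns_roce_hw_v2 ib_uverbs ib_core
kernel: Kernel panic - not syncing: Oops: Fatal exception
EOF

if hns_modules_loaded "$SAMPLE_DIR/modules" >/dev/null; then
    echo "hns RoCE driver loaded; crash reports: $(hns_crash_hits "$SAMPLE_DIR/kern.log")"
fi
```

Calling `hns_crash_hits` with a window of 1 reproduces a strict per-line match, which finds nothing in the sample because the oops line and the module list are separate lines.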
