CVE-2015-8812: kernel: CXGB3: Logic bug in return code handling prematurely frees key structures causing Use after free or kernel panic.

Severity: Critical

CVSS Score: 9.8

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.