CVE-2011-1044
EUVD-2011-106018.02.2011, 20:00
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 𝑥 < 2.6.37 |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_eus | 5.6 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_server_aus | 5.6 |
| redhat | enterprise_linux_workstation | 5.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||||
| linux-ec2 |
| ||||||||||||
| linux-fsl-imx51 |
| ||||||||||||
| linux-lts-backport-maverick |
| ||||||||||||
| linux-lts-backport-natty |
| ||||||||||||
| linux-mvl-dove |
| ||||||||||||
| linux-source-2.6.15 |
| ||||||||||||
| linux-ti-omap4 |
|
Common Weakness Enumeration
References