CVE-2011-1044
18.02.2011, 20:00
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.Enginsight
Vendor | Product | Version |
---|---|---|
linux | linux_kernel | 𝑥 < 2.6.37 |
redhat | enterprise_linux_desktop | 5.0 |
redhat | enterprise_linux_eus | 5.6 |
redhat | enterprise_linux_server | 5.0 |
redhat | enterprise_linux_server_aus | 5.6 |
redhat | enterprise_linux_workstation | 5.0 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Ubuntu Product | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
linux |
| ||||||||||||
linux-ec2 |
| ||||||||||||
linux-fsl-imx51 |
| ||||||||||||
linux-lts-backport-maverick |
| ||||||||||||
linux-lts-backport-natty |
| ||||||||||||
linux-mvl-dove |
| ||||||||||||
linux-source-2.6.15 |
| ||||||||||||
linux-ti-omap4 |
|
Common Weakness Enumeration
References