CVE-2018-20855
EUVD-2018-1339526.07.2019, 05:15
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 𝑥 < 4.18.7 |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
| netapp | active_iq_performance_analytics_services | - |
| netapp | active_iq_unified_manager | 9.5 ≤ |
| netapp | data_availability_services | - |
| netapp | element_software | - |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||
| linux-aws |
| ||||||||
| linux-aws-hwe |
| ||||||||
| linux-azure |
| ||||||||
| linux-azure-edge |
| ||||||||
| linux-euclid |
| ||||||||
| linux-flo |
| ||||||||
| linux-gcp |
| ||||||||
| linux-gcp-edge |
| ||||||||
| linux-gke |
| ||||||||
| linux-gke-4.15 |
| ||||||||
| linux-goldfish |
| ||||||||
| linux-grouper |
| ||||||||
| linux-hwe |
| ||||||||
| linux-hwe-edge |
| ||||||||
| linux-kvm |
| ||||||||
| linux-lts-trusty |
| ||||||||
| linux-lts-utopic |
| ||||||||
| linux-lts-vivid |
| ||||||||
| linux-lts-wily |
| ||||||||
| linux-lts-xenial |
| ||||||||
| linux-maguro |
| ||||||||
| linux-mako |
| ||||||||
| linux-manta |
| ||||||||
| linux-oem |
| ||||||||
| linux-oracle |
| ||||||||
| linux-raspi2 |
| ||||||||
| linux-snapdragon |
|
Common Weakness Enumeration
References