CVE-2019-16921
EUVD-2019-741527.09.2019, 13:15
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 𝑥 < 4.17 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||
| linux-aws |
| ||||||||
| linux-aws-hwe |
| ||||||||
| linux-azure |
| ||||||||
| linux-azure-edge |
| ||||||||
| linux-gcp |
| ||||||||
| linux-gcp-edge |
| ||||||||
| linux-gke-4.15 |
| ||||||||
| linux-gke-5.0 |
| ||||||||
| linux-hwe |
| ||||||||
| linux-hwe-edge |
| ||||||||
| linux-kvm |
| ||||||||
| linux-lts-trusty |
| ||||||||
| linux-lts-xenial |
| ||||||||
| linux-oem |
| ||||||||
| linux-oracle |
| ||||||||
| linux-raspi2 |
| ||||||||
| linux-snapdragon |
|
Common Weakness Enumeration
References