Back to bug 2019643

Who When What Removed Added
Michael Kaplan 2021-11-03 02:20:15 UTC CC security-response-team
Michael Kaplan 2021-11-03 02:21:01 UTC Blocks 2019635
Michael Kaplan 2021-11-03 02:23:27 UTC Alias CVE-2021-3923
Summary EMBARGOED kernel: stack information could leak in function ucma_init_qp_attr in /drivers/infiniband/core/ucma.c EMBARGOED CVE-2021-3923 kernel: stack information could leak in function ucma_init_qp_attr in /drivers/infiniband/core/ucma.c
Michael Kaplan 2021-11-03 02:23:57 UTC Blocks 2019644
Wade Mealing 2021-11-22 07:08:48 UTC CC kheib, wmealing
Wade Mealing 2021-11-23 05:50:27 UTC Comment 0 updated
Wade Mealing 2021-11-23 05:56:13 UTC Summary EMBARGOED CVE-2021-3923 kernel: stack information could leak in function ucma_init_qp_attr in /drivers/infiniband/core/ucma.c EMBARGOED CVE-2021-3923 kernel: stack information leak in infiniband RDMA
Wade Mealing 2021-11-23 05:56:47 UTC Doc Text A flaw was found in the linux kernels implementation of RDMA over infiniband. An attacker with a priviledged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
Wade Mealing 2021-11-23 07:23:46 UTC CC blc, mlangsdo
Wade Mealing 2021-11-23 07:25:26 UTC Depends On 2025836, 2025832, 2025835, 2025833, 2025834
Eric Christensen 2021-11-23 18:42:33 UTC Doc Text A flaw was found in the linux kernels implementation of RDMA over infiniband. An attacker with a priviledged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
Wade Mealing 2021-11-29 05:32:39 UTC Deadline 2021-12-01
Petr Matousek 2021-12-16 15:24:46 UTC Severity medium low
Priority medium low
Red Hat Bugzilla 2022-06-04 08:04:40 UTC CC fpacheco
Red Hat Bugzilla 2022-07-16 03:20:33 UTC CC brdeoliv
Red Hat Bugzilla 2022-12-31 23:36:11 UTC CC fhrbata
Pedro Sampaio 2023-03-24 17:28:18 UTC CC allarkin, dbohanno, ddepaula, debarbos, dfreiber, ezulian, jdenham, jfaracco, jferlan, joe.lawrence, jwyatt, kernel-mgr, ldoskova, lleshchi, lzampier, rogbas, rrobaina, rysulliv, scweaver, tyberry, wcosta, ycote
Summary EMBARGOED CVE-2021-3923 kernel: stack information leak in infiniband RDMA CVE-2021-3923 kernel: stack information leak in infiniband RDMA
Deadline 2021-12-01
Group security, qe_staff
Pedro Sampaio 2023-03-24 17:32:32 UTC Depends On 2181601
Salvatore Bonaccorso 2023-03-25 07:27:00 UTC CC carnil
Flags needinfo?(security-response-team)
Product Security DevOps Team 2023-03-25 11:16:00 UTC Flags needinfo?(security-response-team) needinfo?(wmealing)
Wade Mealing 2023-03-28 06:06:23 UTC Flags needinfo?(wmealing)
Red Hat Bugzilla 2023-04-01 08:41:50 UTC CC dhoward
Red Hat Bugzilla 2023-07-07 08:35:10 UTC Assignee security-response-team nobody
CC security-response-team
Jan Pazdziora 2023-07-29 09:07:54 UTC CC jpazdziora
Flags needinfo?(wmealing)
Jan Pazdziora 2023-07-29 09:10:09 UTC Flags needinfo?(kheib)
Gabriel Gaspar Becker 2023-08-01 14:30:29 UTC Flags needinfo?(mkaplan)
Kamal Heib 2023-08-01 14:48:45 UTC Flags needinfo?(kheib)
Product Security DevOps Team 2023-08-01 19:03:19 UTC Flags needinfo?(wmealing) needinfo?(mkaplan)
Valerie Sroka 2023-08-11 18:39:05 UTC Flags needinfo?(mkaplan) needinfo?(mkaplan) needinfo?(rkeshri) needinfo?(rkeshri)
CC rkeshri, vsroka

Back to bug 2019643