2019643 – (CVE-2021-3923) CVE-2021-3923 kernel: stack information leak in infiniband RDMA

Bug 2019643 (CVE-2021-3923) - CVE-2021-3923 kernel: stack information leak in infiniband RDMA

Summary: CVE-2021-3923 kernel: stack information leak in infiniband RDMA

Keywords:
Status:	NEW
Alias:	CVE-2021-3923
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2006441 2025832 2025833 2025834 2025835 2025836 2036597 2181601
Blocks:	2019635 2019644
TreeView+	depends on / blocked

Reported:	2021-11-03 02:20 UTC by Michael Kaplan
Modified:	2023-08-29 16:17 UTC (History)
CC List:	50 users (show)
Fixed In Version:	kernel 5.16
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Michael Kaplan 2021-11-03 02:20:15 UTC

A flaw was found in the linux kernels implementation of RDMA over infiniband.  An attacker with a priviledged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node.

While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.

Comment 13 Pedro Sampaio 2023-03-24 17:32:39 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2181601]

Comment 14 Justin M. Forbes 2023-03-24 20:49:12 UTC

This was fixed for Fedora with the 5.15.14 stable kernel updates.

Comment 15 Salvatore Bonaccorso 2023-03-25 07:27:00 UTC

Is this related to upstream commit https://git.kernel.org/linus/e1e354771812b12f0b4c433bbaf916f87cd0f6c7

Comment 16 Wade Mealing 2023-03-28 06:06:23 UTC

Sorry Salvatore, i dont check needinfos so frequently in bugzilla these days.

From my notes it looks as though it was fixed here:

https://lore.kernel.org/all/20220204100036.GA12348@kili/

Comment 29 Mauro Matteo Cascella 2023-08-28 15:08:28 UTC

This issue was fixed upstream in kernel version 5.16. The kernel packages as shipped in Red Hat Enterprise Linux 8 were previously updated to a version that contains the fix via the following errata:

kernel in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2022:1988

kernel-rt in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2022:1975

Note You need to log in before you can comment on or make changes to this bug.

acaringi
allarkin
bdettelb
bhu
carnil
chwhite
crwood
dbohanno
ddepaula
debarbos
dfreiber
dvlasenk
ezulian
hkrzesin
jarod
jburrell
jdenham
jfaracco
jferlan
jforbes
jlelli
joe.lawrence
jpazdziora
jshortt
jstancek
jwyatt
kcarcia
kernel-mgr
kheib
ldoskova
lgoncalv
lleshchi
lzampier
nmurray
ptalbert
qzhao
rkeshri
rogbas
rrobaina
rvrbovsk
rysulliv
scweaver
tyberry
vkumar
vsroka
walters
wcosta
williams
wmealing
ycote