CVE-2018-20855 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Kernel

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200 — Sensitive Information Exposure8 documents7 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 70.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Netapp Active IQ Unified Manager Opensuse Leap

Timeline

PublishedJul 26

Latest updateMay 24

Description

An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages4 packages

▶NVDlinux/linux_kernel< 4.18.7

▶Debianlinux/linux_kernel< 4.18.8-1+3

▶NVDopensuse/leap15.0, 15.1+1

▶NVDnetapp/active_iq_unified_manager

Patches

Patch: git.kernel.org ↗Patch: github.com ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-xr6p-4wfc-3fxp: An issue was discovered in the Linux kernel before 4↗2022-05-24

▶

OSV

CVE-2018-20855: An issue was discovered in the Linux kernel before 4↗2019-07-26

▶

CVEList

CVE-2018-20855: An issue was discovered in the Linux kernel before 4↗2019-07-26

▶

📋Vendor Advisories

Red Hat

kernel: Information leak in create_qp_common in drivers/infiniband/hw/mlx5/qp.c↗2019-07-26

▶

Debian

CVE-2018-20855: linux - An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common i...↗2018

▶

💬Community

Bugzilla

CVE-2018-20855 kernel: Information leak in create_qp_common in drivers/infiniband/hw/mlx5/qp.c↗2019-08-07

▶

Bugzilla

CVE-2018-20855 kernel: Information leak in create_qp_common in drivers/infiniband/hw/mlx5/qp.c [fedora-all]↗2019-08-07

▶