CVE-2021-3923
Published 2023-03-27
Low · 2.3 · CVSS 3.1
AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.15.15-1 (bookworm) | linux 5.15.15-1 (bookworm) |
| fedoraproject | fedora | — | — |
| linux | linux_kernel | < 5.15.14 | 5.15.14 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.92-1 | 5.10.92-1 |
| linux | linux_kernel | >= 0 < 5.15.15-1 | 5.15.15-1 |
| linux | linux_kernel | >= 0 < 5.15.15-1 | 5.15.15-1 |
| linux | linux_kernel | >= 0 < 5.15.15-1 | 5.15.15-1 |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cm1_kernel_5.10.177.1-1_on_cbl_mariner_1.0 | — | — |
| paloalto | pan-os | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvd · v3.1 · 2.3 · LOW · CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
osv · 2.3 · LOW
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-02-14·CVSS 9.8
CVE-2017-18342 [CRITICAL]
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2017-18342, CVE-2017-8923, CVE-2017-9120, CVE-2019-1551, CVE-2019-16865, CVE-2019-16905, CVE-2019-19523, CVE-2019-19528, CVE-2019-19911, CVE-2020-0404, CVE-2020-0431, CVE-2020-0466, CVE-2020-10379, CVE-2020-11538, CVE-2020-11608, CVE-2020-12114, CVE-2020-12321, CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-13757, CVE-2020-14314, CVE-2020-14351, CVE-2020-15778, CVE-2020-1967, CVE-2020-24394, CVE-2020-24504, CVE-2020-25211, CVE-2020-25212, CVE-2020-25284, CVE-2020-25285, CVE-2020-25717, CVE-2020-26541, CVE-2020-2715
Microsoft
vendor_msrc·2023-03-14·CVSS 2.3
CVE-2021-3923 [LOW] CWE-200
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information it can be further used to defeat existing kernel protection mechanisms.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which i
Red Hat
kernel: stack information leak in infiniband RDMA
vendor_redhat·2021-12-01·CVSS 2.3
CVE-2021-3923 [LOW] CWE-200
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
Mitigation: Mitigation fo
Debian
CVE-2021-3923: linux - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. A...
vendor_debian·2021·CVSS 2.3
CVE-2021-3923 [LOW]
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
Scope: local
bookworm: resolved (fixed in 5.15.15-1)
bullseye: resolved (fixed in 5.10.92-1)
forky: resolved (fixed in 5.15.15-1)
sid: resolved (fixed in 5.15.15-1)
trixie: resolved (fixed in 5.15.15-1)
OSV
CVE-2021-3923: A flaw was found in the Linux kernel's implementation of RDMA over infiniband
osv·2023-03-27·CVSS 2.3
CVE-2021-3923 [LOW]
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
GHSA
GHSA-c8f9-2rww-56v5: A flaw was found in the Linux kernel's implementation of RDMA over infiniband
ghsa_unreviewed·2023-03-27
CVE-2021-3923 [LOW] CWE-200
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
No detection rules found.
No public exploits indexed.