In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-27T12:07:23
Updated: 2024-08-05T01:24:48.645Z
Reserved: 2019-09-27T00:00:00
Link: CVE-2019-16921
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-27T13:15:10.553
Modified: 2019-09-27T20:22:06.173
Link: CVE-2019-16921
Redhat