CVE-2018-20855

Published: Jul 26, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/0625b4ba1a5d4703c7fb01c497bd6c156908af00

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0625b4ba1a5d4703c7fb01c497bd6c156908af00

x_refsource_MISC

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7

x_refsource_MISC

openSUSE-SU-2019:1924

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:1923

vendor-advisory

x_refsource_SUSE

https://security.netapp.com/advisory/ntap-20190905-0002/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20855

Description

Affected Products

References