CVE-2019-16921

Published: Sep 27, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/df7e40425813c50cd252e6f5e348a81ef1acae56

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df7e40425813c50cd252e6f5e348a81ef1acae56

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-16921

Description

Affected Products

References