Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2021-3923

Published: March 27, 2023Last modified: November 8, 2023

Description

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.

Severity score breakdown

ParameterValue
Base score2.3
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredHIGH
User interactionNONE
ScopeUNCHANGED
ConfidentialityLOW
Integrity impactNONE
Availability impactNONE
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Status

ProductReleasePackageStatus
Alpaquita LinuxStreamlinux-ltsUnknown (6.1.33-r0)

References

ON THIS PAGE