Vulnerabilities > CVE-2021-3923

CVSS 2.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

local

low complexity

redhat

fedoraproject

NVD

Published: 2023-03-27

Updated: 2023-11-07

Summary

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 8.0	3
OS	Fedoraproject Fedoraproject Fedora 37	1

References

https://bugzilla.redhat.com/show_bug.cgi?id=2019643
https://lore.kernel.org/all/20220204100036.GA12348%40kili/

Vulnerabilities > CVE-2021-3923 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2021-3923"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2021-3923