The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.
References
Link | Resource |
---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7182afea8d1afd432a17c18162cc3fd441d0da93 | |
http://rhn.redhat.com/errata/RHSA-2011-0927.html | Third Party Advisory |
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 | Broken Link |
http://www.securityfocus.com/bid/46488 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=667916 | Issue Tracking Patch Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/65563 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-02-18T19:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2011-02-18T00:00:00
Link: CVE-2011-1044
JSON object: View
NVD Information
Status : Modified
Published: 2011-02-18T20:00:09.337
Modified: 2023-11-07T02:06:56.503
Link: CVE-2011-1044
JSON object: View
Redhat Information
No data.
CWE