Bug 4740 - Bugfix for CVE-2021-3923
Summary: Bugfix for CVE-2021-3923
Status: RESOLVED FIXED
Alias: None
Product: ANCK 4.19 Dev
Classification: ANCK
Component: drivers (show other bugs) drivers
Version: unspecified
Hardware: All Linux
: P3-Medium S3-normal
Target Milestone: ---
Assignee: GuixinLiu
QA Contact: shuming
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-04-07 18:08 UTC by tangbinzy
Modified: 2023-04-17 17:48 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description tangbinzy cmss_group 2023-04-07 18:08:40 UTC
一、漏洞信息
漏洞编号:CVE-2021-3923
漏洞归属组件:kernel
漏洞归属的版本:4.19 5.10
CVSS V3.0分值:
BaseScore:2.3 Low
Vector:CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
漏洞简述:
A flaw was found in the Linux kernel s implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
漏洞公开时间:2023-03-28 05:15:00
漏洞创建时间:2023-03-29 13:00:43
漏洞详情参考链接:
https://nvd.nist.gov/vuln/detail/CVE-2021-3923
Comment 1 小龙 admin 2023-04-17 17:48:47 UTC
PR: 
https://gitee.com/anolis/cloud-kernel/pulls/1550