Vulnerability in Linux Linux_kernel
CVE-2011-1044
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory…
EPSS: 0.001 (18.6th percentile) — read the EPSS interpretation.
Affected products
- Linux Linux_kernel
- Redhat Enterprise_linux_desktop — versions 5.0
- Redhat Enterprise_linux_eus — versions 5.6
- Redhat Enterprise_linux_server — versions 5.0
- Redhat Enterprise_linux_server_aus — versions 5.6
- Redhat Enterprise_linux_workstation — versions 5.0
- N/a — versions n/a
Weakness classification (CWE)
References
- RHSA-2011:0927 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM, Broken Link)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Third Party Advisory, Issue Tracking)
- kernel-ibuverbspollcq-info-disclosure(65563) (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_XF)
- 46488 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)