Executive Summary

Informations
NameCVE-2019-16921First vendor Publication2019-09-27
VendorCveLast vendor Modification2019-09-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16921

CWE : Common Weakness Enumeration

%idName
100 %CWE-665Improper Initialization

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2837

Sources (Detail)

SourceUrl
MISC https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df...
https://github.com/torvalds/linux/commit/df7e40425813c50cd252e6f5e348a81ef1ac...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2019-09-30 21:20:07
  • Multiple Updates
2019-09-28 12:11:45
  • Multiple Updates
2019-09-28 12:11:09
  • Multiple Updates
2019-09-27 17:19:28
  • First insertion