← back
CVE-2021-3923

CVE-2021-3923

CVSS 2.3 LOWEPSS 0.2%CWE-200
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 2.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Mar 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Affected products
n/a · kernel