What the vulnerability does

01Description

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.

Key dates

02Disclosure timeline

March 27, 2023 CVE published
February 24, 2025 Record updated