A flaw was discovered in the Linux kernel’s implementation of InfiniBand. A local attacker who is able to execute a read from the InfiniBand device could trigger an information leak of kernel memory to userspace which can be used to further attack the system.
If the InfiniBand device is in use, there is no known mitigation for this flaw. If the InfiniBand device is not in use, the kernel module (mlx5_ib) can be blacklisted and unloaded.