Lucene search
Redhat.comRH:CVE-2018-20855HistoryOct 29, 2019 - 4:05 a.m.
CVE-2018-20855
2019-10-2904:05:01
redhat.com
access.redhat.com
10
0.0005 Low
EPSS
Percentile
17.8%
A flaw was discovered in the Linux kernel’s implementation of InfiniBand. A local attacker who is able to execute a read from the InfiniBand device could trigger an information leak of kernel memory to userspace which can be used to further attack the system.
Mitigation
If the InfiniBand device is in use, there is no known mitigation for this flaw. If the InfiniBand device is not in use, the kernel module (mlx5_ib) can be blacklisted and unloaded.
Related
nvd
nvd
CVE-2018-20855
2019-07-26 05:15:10
osv
osv
CVE-2018-20855
2019-07-26 05:15:10
cvelist
cvelist
CVE-2018-20855
2019-07-26 04:39:40
debiancve
debiancve
CVE-2018-20855
2019-07-26 05:15:10
prion
prion
Memory corruption
2019-07-26 05:15:00
ubuntucve
ubuntucve
CVE-2018-20855
2019-07-26 00:00:00
cve
cve
CVE-2018-20855
2019-07-26 05:15:10
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:2071-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2072-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2073-1)
2021-06-09 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2071-1)
2019-08-12 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2072-1)
2019-08-12 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2262-1)
2019-09-03 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-10-11 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2019-08-16 00:00:00
Security update for the Linux Kernel (important)
2019-08-16 00:00:00