oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request Linux kernel: IB/core: crash while resolving passive side RoCE L2 address in cma_req_handler

From: cve-assign () mitre org
Date: Thu, 10 Apr 2014 07:26:07 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Linux kernel built with the InfiniBand communication link(CONFIG_INFINIBAND)
along with the support for Remote Direct Memory Access(RDMA) over Convered
Ethernet(RoCE), is vulnerable to a crash caused by invalid memory access.
It occurs while trying to resolve RoCE L2 address on the server side.

A remote unprivileged user/program could use this flaw to crash the kernel,
resulting in DoS.

https://patchwork.kernel.org/patch/3896781/
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2853fd6c2d0f383dbdf7427e263eb576a633867


Use CVE-2014-2739.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTRn7rAAoJEKllVAevmvmsfTcIALjPNjHagE/k+E+Uh8x8gf4O
HmW834RHsyV+nHiwwa0TBMiE3phh9spgsLKzADsuc6Uj2v5NfW3clz8j/FJLv4vq
uAb4wCAff/YE6+al9aJOiLtDmXk4ZS5w54o9baYU+KXqAPk26lyMRVDDKJWD5h3G
QwbUhNFnWuSdXo46Q/sWC3FHgCkF6EhtgOOcGsiiPv39jdtd1HZEcuYl8tqnjVT+
fBP0bEaPQs5E7CVRQ9nnPkYRNeZSHGnibN1n1ZPykIAGxDHAjZX1sGjYfEQ6dCq9
bQce4CcFQW5wG4dnLsaMzcEmU84rjzilFYYKsh3oJFTn+575RIiOI71ZXs2ulFU=
=b+5a
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: