Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 10 Apr 2014 07:26:07 -0400 (EDT)
From: cve-assign@...re.org
To: ppandit@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request Linux kernel: IB/core: crash while resolving passive side RoCE L2 address in cma_req_handler

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Linux kernel built with the InfiniBand communication link(CONFIG_INFINIBAND)
> along with the support for Remote Direct Memory Access(RDMA) over Convered
> Ethernet(RoCE), is vulnerable to a crash caused by invalid memory access.
> It occurs while trying to resolve RoCE L2 address on the server side.
> 
> A remote unprivileged user/program could use this flaw to crash the kernel,
> resulting in DoS.
> 
> https://patchwork.kernel.org/patch/3896781/
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2853fd6c2d0f383dbdf7427e263eb576a633867

Use CVE-2014-2739.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTRn7rAAoJEKllVAevmvmsfTcIALjPNjHagE/k+E+Uh8x8gf4O
HmW834RHsyV+nHiwwa0TBMiE3phh9spgsLKzADsuc6Uj2v5NfW3clz8j/FJLv4vq
uAb4wCAff/YE6+al9aJOiLtDmXk4ZS5w54o9baYU+KXqAPk26lyMRVDDKJWD5h3G
QwbUhNFnWuSdXo46Q/sWC3FHgCkF6EhtgOOcGsiiPv39jdtd1HZEcuYl8tqnjVT+
fBP0bEaPQs5E7CVRQ9nnPkYRNeZSHGnibN1n1ZPykIAGxDHAjZX1sGjYfEQ6dCq9
bQce4CcFQW5wG4dnLsaMzcEmU84rjzilFYYKsh3oJFTn+575RIiOI71ZXs2ulFU=
=b+5a
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ