Lucene search

RedhatCVE-2011-0695

HistoryMar 15, 2011 - 5:55 p.m.

CVE-2011-0695

2011-03-1517:55:04

CWE-362

redhat

web.nvd.nist.gov

cve-2011-0695

race condition

infiniband driver

linux kernel 2.6.x

denial of service

remote attackers

nvd

CVSS2

5.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.2

Confidence

High

EPSS

0.006

Percentile

77.7%

JSON

Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.

Affected configurations

Nvd

Node

linuxlinux_kernelRange2.6.0–2.6.39.4

Node

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_eusMatch5.6

redhatenterprise_linux_serverMatch5.0

redhatenterprise_linux_server_ausMatch5.6

redhatenterprise_linux_workstationMatch5.0

Node

canonicalubuntu_linuxMatch8.04-

VendorProductVersionCPE
linuxlinux_kernelcpe:/o:linux:linux_kernel::::

Vendor	Product	Version	CPE
linux	linux_kernel		cpe:/o:linux:linux_kernel::::

References

rhn.redhat.com/errata/RHSA-2011-0927.html

secunia.com/advisories/43693

www.openwall.com/lists/oss-security/2011/03/11/1

www.securityfocus.com/bid/46839

www.spinics.net/lists/linux-rdma/msg07447.html

www.spinics.net/lists/linux-rdma/msg07448.html

www.ubuntu.com/usn/USN-1146-1

exchange.xforce.ibmcloud.com/vulnerabilities/66056

CVSS2

5.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.2

Confidence

High

EPSS

0.006

Percentile

77.7%

JSON

Related for CVE-2011-0695