Back to search
CVE-2011-0695
Published: Mar 15, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-1146-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2011:0927
vendor-advisory
x_refsource_REDHAT
[linux-rdma] 20110223 [PATCH 2/2] ib/cm: Bump reference count on cm_id before invoking callback
mailing-list
x_refsource_MLIST
kernel-infiniband-dos(66056)
vdb-entry
x_refsource_XF
[oss-security] 20110311 CVE-2011-0695 kernel: panic in ib_cm:cm_work_handler
mailing-list
x_refsource_MLIST
43693
third-party-advisory
x_refsource_SECUNIA
[linux-rdma] 20110223 [PATCH 1/2] rdma/cm: Fix crash in request handlers
mailing-list
x_refsource_MLIST
46839
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now