CVE-2011-0695

MEDIUM

Description

Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.

References

http://rhn.redhat.com/errata/RHSA-2011-0927.html

http://secunia.com/advisories/43693

http://www.openwall.com/lists/oss-security/2011/03/11/1

http://www.securityfocus.com/bid/46839

http://www.spinics.net/lists/linux-rdma/msg07447.html

http://www.spinics.net/lists/linux-rdma/msg07448.html

http://www.ubuntu.com/usn/USN-1146-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/66056

Details

Source: MITRE

Published: 2011-03-15

Updated: 2020-08-11

Type: CWE-362

Risk Information

CVSS v2.0

Base Score: 5.7

Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 5.5

Severity: MEDIUM

Vulnerable Software

Tenable Plugins

View all (25 total)

ID	Name	Product	Family	Severity
89105	VMware ESX / ESXi Service Console and Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0001) (remote check)	Nessus	Misc.	high
83571	SUSE SLES10 Security Update : ofed (SUSE-SU-2012:1708-1)	Nessus	SuSE Local Security Checks	medium
68415	Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2014)	Nessus	Oracle Linux Local Security Checks	medium
68304	Oracle Linux 5 : kernel (ELSA-2011-0927)	Nessus	Oracle Linux Local Security Checks	medium
68247	Oracle Linux 6 : kernel (ELSA-2011-0421)	Nessus	Oracle Linux Local Security Checks	high
63345	SuSE 10 Security Update : ofed (ZYPP Patch Number 8386)	Nessus	SuSE Local Security Checks	medium
61083	Scientific Linux Security Update : kernel on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
61012	Scientific Linux Security Update : kernel on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
57749	VMSA-2012-0001 : VMware ESXi and ESX updates to third-party library and ESX Service Console	Nessus	VMware ESX Local Security Checks	high
56190	USN-1202-1 : linux-ti-omap4 vulnerabilities	Nessus	Ubuntu Local Security Checks	high
55785	Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1187-1)	Nessus	Ubuntu Local Security Checks	high
55609	CentOS 5 : kernel (CESA-2011:0927)	Nessus	CentOS Local Security Checks	medium
55597	RHEL 5 : kernel (RHSA-2011:0927)	Nessus	Red Hat Local Security Checks	medium
55591	Ubuntu 11.04 : linux vulnerabilities (USN-1167-1)	Nessus	Ubuntu Local Security Checks	high
55589	Ubuntu 10.10 : linux-mvl-dove vulnerabilities (USN-1159-1)	Nessus	Ubuntu Local Security Checks	high
55530	USN-1164-1 : linux-fsl-imx51 vulnerabilities	Nessus	Ubuntu Local Security Checks	high
55521	Ubuntu 10.04 LTS : linux-mvl-dove vulnerabilities (USN-1162-1)	Nessus	Ubuntu Local Security Checks	high
55454	Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)	Nessus	Ubuntu Local Security Checks	high
55170	Debian DSA-2264-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	high
55109	Ubuntu 8.04 LTS : linux vulnerabilities (USN-1146-1)	Nessus	Ubuntu Local Security Checks	high
55104	Ubuntu 10.04 LTS : linux, linux-ec2 vulnerabilities (USN-1141-1)	Nessus	Ubuntu Local Security Checks	high
55069	Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-1111-1)	Nessus	Ubuntu Local Security Checks	high
55028	Debian DSA-2240-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	high
53328	RHEL 6 : kernel (RHSA-2011:0421)	Nessus	Red Hat Local Security Checks	high
801507	CentOS RHSA-2011-0927 Security Check	Log Correlation Engine	Generic	high