CVE-2011-0695

Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
References
Link Resource
http://www.spinics.net/lists/linux-rdma/msg07448.html Mailing List Patch Third Party Advisory
http://secunia.com/advisories/43693 Third Party Advisory
http://www.securityfocus.com/bid/46839 Third Party Advisory VDB Entry
http://www.spinics.net/lists/linux-rdma/msg07447.html Exploit Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2011/03/11/1 Mailing List Patch Third Party Advisory
http://www.ubuntu.com/usn/USN-1146-1 Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2011-0927.html Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66056 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

Information

Published : 2011-03-15 10:55

Updated : 2020-08-11 13:17


NVD link : CVE-2011-0695

Mitre link : CVE-2011-0695


JSON object : View

CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Advertisement

dedicated server usa

Products Affected

redhat

  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_workstation
  • enterprise_linux_server
  • enterprise_linux_eus

canonical

  • ubuntu_linux

linux

  • linux_kernel