Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2011-0695
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 5.7/10
- Exploit Score
- 5.5/10
- Access Vector
- Adjacent_network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 6.9/10
- Confidentiality Impact
- None
- Availability Impact
- Complete
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Yes
|
2.6.0 | - | |
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:* |
Yes
|
- | - |
References
- http://www.spinics.net/lists/linux-rdma/msg07448.html
- http://secunia.com/advisories/43693
- http://www.securityfocus.com/bid/46839
- http://www.spinics.net/lists/linux-rdma/msg07447.html
- http://www.openwall.com/lists/oss-security/2011/03/11/1
- http://www.ubuntu.com/usn/USN-1146-1
- http://rhn.redhat.com/errata/RHSA-2011-0927.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66056