CVE-2011-0695

Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
Race Condition
Severity
UNKNOWN
AV:A/AC:M/Au:N/C:N/I:N/A:C
Atk. Vector
ADJACENT_NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
linuxlinux_kernel
2.6.0 ≤
𝑥
≤ 2.6.39.4
redhatenterprise_linux_desktop
5.0
redhatenterprise_linux_eus
5.6
redhatenterprise_linux_server
5.0
redhatenterprise_linux_server_aus
5.6
redhatenterprise_linux_workstation
5.0
canonicalubuntu_linux
8.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
natty
Fixed 2.6.38-8.40
released
maverick
Fixed 2.6.35-29.51
released
lucid
Fixed 2.6.32-32.62
released
karmic
ignored
hardy
Fixed 2.6.24-29.90
released
dapper
dne
linux-ec2
natty
dne
maverick
ignored
lucid
Fixed 2.6.32-316.30
released
karmic
ignored
hardy
dne
dapper
dne
linux-fsl-imx51
natty
dne
maverick
dne
lucid
Fixed 2.6.31-609.26
released
karmic
ignored
hardy
dne
dapper
dne
linux-lts-backport-maverick
natty
dne
maverick
dne
lucid
Fixed 2.6.35-30.54~lucid1
released
karmic
dne
hardy
dne
dapper
dne
linux-lts-backport-natty
natty
dne
maverick
dne
lucid
not-affected
hardy
dne
linux-mvl-dove
natty
dne
maverick
Fixed 2.6.32-417.34
released
lucid
Fixed 2.6.32-217.34
released
karmic
ignored
hardy
dne
dapper
dne
linux-source-2.6.15
natty
dne
maverick
dne
lucid
dne
karmic
dne
hardy
dne
dapper
Fixed 2.6.15-57.97
released
linux-ti-omap4
natty
Fixed 2.6.38-1208.11
released
maverick
Fixed 2.6.35-903.23
released
lucid
dne
karmic
dne
hardy
dne
dapper
dne