CVE-2011-3345
19.09.2011, 12:02
ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.Enginsight
| Vendor | Product | Version |
|---|---|---|
| openfabrics | enterprise_distribution | 𝑥 ≤ 1.5.2 |
| openfabrics | enterprise_distribution | 1.1 |
| openfabrics | enterprise_distribution | 1.2.5 |
| openfabrics | enterprise_distribution | 1.3 |
| openfabrics | enterprise_distribution | 1.3.1 |
| openfabrics | enterprise_distribution | 1.3.2 |
| openfabrics | enterprise_distribution | 1.4 |
| openfabrics | enterprise_distribution | 1.4.1 |
| openfabrics | enterprise_distribution | 1.4.2 |
| openfabrics | enterprise_distribution | 1.5 |
| openfabrics | enterprise_distribution | 1.5.1 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||
| linux-ec2 |
| ||||||||
| linux-fsl-imx51 |
| ||||||||
| linux-lts-backport-maverick |
| ||||||||
| linux-lts-backport-natty |
| ||||||||
| linux-mvl-dove |
| ||||||||
| linux-ti-omap4 |
|
Common Weakness Enumeration
References