CVE-2012-4517

ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
openfabricsibacm
𝑥
≤ 1.0.5
𝑥
= Vulnerable software versions
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
ibacm
RHEL 6
0:1.0.8-0.git7a3adb7.el6
fixed
ibacm-devel
RHEL 6
0:1.0.8-0.git7a3adb7.el6
fixed
ibsim
RHEL 6
0:0.5-7.el6
fixed
ibutils
RHEL 6
0:1.5.7-7.el6
fixed
ibutils-devel
RHEL 6
0:1.5.7-7.el6
fixed
ibutils-libs
RHEL 6
0:1.5.7-7.el6
fixed
infiniband-diags
RHEL 6
0:1.5.12-5.el6
fixed
infiniband-diags-devel
RHEL 6
0:1.5.12-5.el6
fixed
infiniband-diags-devel-static
RHEL 6
0:1.5.12-5.el6
fixed
infinipath-psm
RHEL 6
0:3.0.1-115.1015_open.1.el6
fixed
infinipath-psm-devel
RHEL 6
0:3.0.1-115.1015_open.1.el6
fixed
libibmad
RHEL 6
0:1.3.9-1.el6
fixed
libibmad-devel
RHEL 6
0:1.3.9-1.el6
fixed
libibmad-static
RHEL 6
0:1.3.9-1.el6
fixed
libibumad
RHEL 6
0:1.3.8-1.el6
fixed
libibumad-devel
RHEL 6
0:1.3.8-1.el6
fixed
libibumad-static
RHEL 6
0:1.3.8-1.el6
fixed
libibverbs
RHEL 6
0:1.1.6-5.el6
fixed
libibverbs-devel
RHEL 6
0:1.1.6-5.el6
fixed
libibverbs-devel-static
RHEL 6
0:1.1.6-5.el6
fixed
libibverbs-utils
RHEL 6
0:1.1.6-5.el6
fixed
libmlx4
RHEL 6
0:1.0.4-1.el6
fixed
libmlx4-static
RHEL 6
0:1.0.4-1.el6
fixed
librdmacm
RHEL 6
0:1.0.17-0.git4b5c1aa.el6
fixed
librdmacm-devel
RHEL 6
0:1.0.17-0.git4b5c1aa.el6
fixed
librdmacm-static
RHEL 6
0:1.0.17-0.git4b5c1aa.el6
fixed
librdmacm-utils
RHEL 6
0:1.0.17-0.git4b5c1aa.el6
fixed
opensm
RHEL 6
0:3.3.15-1.el6
fixed
opensm-devel
RHEL 6
0:3.3.15-1.el6
fixed
opensm-libs
RHEL 6
0:3.3.15-1.el6
fixed
opensm-static
RHEL 6
0:3.3.15-1.el6
fixed
rdma
RHEL 6
0:3.6-1.el6
fixed
Common Weakness Enumeration
References
http://comments.gmane.org/gmane.linux.drivers.rdma/11659
http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9
http://rhn.redhat.com/errata/RHSA-2013-0509.html
http://www.openwall.com/lists/oss-security/2012/10/11/6
http://www.openwall.com/lists/oss-security/2012/10/11/9
http://www.securityfocus.com/bid/55890
https://bugzilla.redhat.com/show_bug.cgi?id=865492
https://exchange.xforce.ibmcloud.com/vulnerabilities/79396
http://comments.gmane.org/gmane.linux.drivers.rdma/11659
http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9
http://rhn.redhat.com/errata/RHSA-2013-0509.html
http://www.openwall.com/lists/oss-security/2012/10/11/6
http://www.openwall.com/lists/oss-security/2012/10/11/9
http://www.securityfocus.com/bid/55890
https://bugzilla.redhat.com/show_bug.cgi?id=865492
https://exchange.xforce.ibmcloud.com/vulnerabilities/79396