diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2014-04-11 12:56:36 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2014-04-11 12:56:36 +0000 |
commit | 8172242781ef7cf22f9cf1b5e6c3ffa4d0052242 (patch) | |
tree | 0d864e442bd2d593a052470d7276c762174a6743 /retired/CVE-2014-2739 | |
parent | b08747a88279e9a836a5960a1ef0f4e80616dcc6 (diff) |
retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3299 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2014-2739')
-rw-r--r-- | retired/CVE-2014-2739 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2014-2739 b/retired/CVE-2014-2739 new file mode 100644 index 00000000..e36a9df9 --- /dev/null +++ b/retired/CVE-2014-2739 @@ -0,0 +1,17 @@ +Description: IB/core: Don't resolve passive side RoCE L2 address in CMA REQ handler +References: +Notes: + From oss-sec: + Linux kernel built with the InfiniBand communication link(CONFIG_INFINIBAND) + along with the support for Remote Direct Memory Access(RDMA) over Convered + Ethernet(RoCE), is vulnerable to a crash caused by invalid memory access. + It occurs while trying to resolve RoCE L2 address on the server side. + A remote unprivileged user/program could use this flaw to crash the kernel, + resulting in DoS. +Bugs: +upstream: released (3.14-rc4) [b2853fd6c2d0f383dbdf7427e263eb576a633867] +2.6.32-upstream-stable: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c" +sid: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c" +3.2-wheezy-security: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c" +2.6.32-squeeze-security: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c" +3.2-upstream-stable: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c" |