LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

rdma: multiple vulnerabilities

Package(s):RDMA CVE #(s):CVE-2012-4517 CVE-2012-4518
Created:February 21, 2013 Updated:March 11, 2013
Description: From the Red Hat advisory:

A denial of service flaw was found in the way ibacm managed reference counts for multicast connections. An attacker could send specially-crafted multicast packets that would cause the ibacm daemon to crash. (CVE-2012-4517)

It was found that the ibacm daemon created some files with world-writable permissions. A local attacker could use this flaw to overwrite the contents of the ibacm.log or ibacm.port file, allowing them to mask certain actions from the log or cause ibacm to run on a non-default port. (CVE-2012-4518)

Alerts:
Red Hat RHSA-2013:0509-02 2013-02-21
Oracle ELSA-2013-0509 2013-02-25
Scientific Linux SL-rdma-20130304 2013-03-04
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
CentOS CESA-2013:0509 2013-03-09
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds