CVE-2011-0695
Published: 15 March 2011
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
From the Ubuntu security team
Jens Kuehnel discovered that the InfiniBand driver contained a race condition. On systems using InfiniBand, a local attacker could send specially crafted requests to crash the system, leading to a denial of service.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(2.6.24-29.90)
|
|
| karmic |
Ignored
|
|
| lucid |
Released
(2.6.32-32.62)
|
|
| maverick |
Released
(2.6.35-29.51)
|
|
| natty |
Released
(2.6.38-8.40)
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=29963437a48475036353b95ab142bf199adb909e upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=25ae21a10112875763c18b385624df713a288a05 |
||
|
linux-ec2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Ignored
(reached end-of-life)
|
|
| lucid |
Released
(2.6.32-316.30)
|
|
| maverick |
Ignored
(binary supplied by "linux" now)
|
|
| natty |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Ignored
(reached end-of-life)
|
|
| lucid |
Released
(2.6.31-609.26)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Does not exist
|
|
| lucid |
Released
(2.6.35-30.54~lucid1)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Not vulnerable
(2.6.38-8.40~lucid1)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Ignored
(abandonded branch)
|
|
| lucid |
Released
(2.6.32-217.34)
|
|
| maverick |
Released
(2.6.32-417.34)
|
|
| natty |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.6.15-57.97)
|
| hardy |
Does not exist
|
|
| karmic |
Does not exist
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Does not exist
|
|
| lucid |
Does not exist
|
|
| maverick |
Released
(2.6.35-903.23)
|
|
| natty |
Released
(2.6.38-1208.11)
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695
- https://ubuntu.com/security/notices/USN-1111-1
- https://ubuntu.com/security/notices/USN-1141-1
- https://ubuntu.com/security/notices/USN-1146-1
- https://ubuntu.com/security/notices/USN-1160-1
- https://ubuntu.com/security/notices/USN-1162-1
- https://ubuntu.com/security/notices/USN-1164-1
- https://ubuntu.com/security/notices/USN-1167-1
- https://ubuntu.com/security/notices/USN-1159-1
- https://ubuntu.com/security/notices/USN-1187-1
- https://ubuntu.com/security/notices/USN-1202-1
- NVD
- Launchpad
- Debian