Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/09/2011 Updated: 13/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) prior to 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openfabrics enterprise distribution 1.5.1
openfabrics enterprise distribution 1.4.1
openfabrics enterprise distribution 1.4.2
openfabrics enterprise distribution 1.3.1
openfabrics enterprise distribution 1.4
openfabrics enterprise distribution 1.1
openfabrics enterprise distribution 1.3.2
openfabrics enterprise distribution 1.3
openfabrics enterprise distribution
openfabrics enterprise distribution 1.5
openfabrics enterprise distribution 1.2.5

CWE-119 http://www.openwall.com/lists/oss-security/2011/09/06/3 http://www.openwall.com/lists/oss-security/2011/09/07/3 http://secunia.com/advisories/45861 http://www.securityfocus.com/bid/49486 http://www.openwall.com/lists/oss-security/2011/09/07/1 https://exchange.xforce.ibmcloud.com/vulnerabilities/69631 http://git.openfabrics.org/git?p=ofed_1_5/linux-2.6.git%3Ba=commit%3Bh=04bb801a31825d1559c4670253e1bea1291a1af8 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-3345

Vulnerability Summary

References

Vulmon Search

About

Products

Connect