[arch-security] [linux] CVE-2014-2739 :: cma_req_handler function in drivers/infiniband/core/cma.c
Billy McCann
thebillywayne at gmail.com
Thu May 1 20:49:23 EDT 2014
Not sure if this one applies to Arch. I'll put this here for those in the know.
CVE-2014-2729 :: [linux]
The cma_req_handler function in drivers/infiniband/core/cma.c in the
Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over
Converged Ethernet (aka RoCE) address that is properly resolved within
a different module, which allows remote attackers to cause a denial of
service (incorrect pointer dereference and system crash) via crafted
network traffic.
INFO:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2739
https://bugzilla.redhat.com/show_bug.cgi?id=1085415
UPSTREAM FIX:
https://patchwork.kernel.org/patch/3896781/
More information about the arch-security
mailing list