CVE-2011-0695 — Race Condition in Kernel

CWE-362 — Race Condition CWE-911 — Improper Update of Reference Count13 documents6 sources

Severity

5.7MEDIUMNVD

EPSS

0.4%

top 36.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Canonical Ubuntu Linux Redhat Enterprise Linux Desktop +4 more

Timeline

PublishedMar 15

Latest updateMay 13

Description

Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.

CVSS vector

AV:A/AC:M/C:N/I:N/A:CExploitability: 5.5 | Impact: 6.9

Affected Packages4 packages

▶NVDlinux/linux_kernel2.6.0 — 2.6.39.4

▶NVDredhat/enterprise_linux_server5.0

▶NVDredhat/enterprise_linux_desktop5.0

▶NVDredhat/enterprise_linux_workstation5.0

Also affects: Ubuntu Linux 8.04, Enterprise Linux 5.6

Patches

Patch: www.openwall.com ↗Patch: www.spinics.net ↗Patch: www.spinics.net ↗

🔴Vulnerability Details

GHSA

GHSA-297p-pfx7-4599: Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma↗2022-05-13

▶

📋Vendor Advisories

Ubuntu

Linux kernel (OMAP4) vulnerabilities↗2011-09-13

▶

Ubuntu

Linux kernel (Maverick backport) vulnerabilities↗2011-08-09

▶

Ubuntu

Linux kernel vulnerabilities (Marvell Dove)↗2011-07-13

▶

Ubuntu

Linux kernel vulnerabilities (i.MX51)↗2011-07-06

▶

Ubuntu

Linux kernel vulnerabilities↗2011-06-28

▶

📐Framework References

CWE

Improper Update of Reference Count↗

▶

💬Community

Bugzilla

CVE-2011-0695 kernel: panic in ib_cm:cm_work_handler↗2010-11-15

▶