ID CVE-2012-4517
Summary ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response.
References
Vulnerable Configurations
  • cpe:2.3:a:openfabrics:ibacm:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:openfabrics:ibacm:1.0.5:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 29-08-2017 - 01:32)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
rhsa
id RHSA-2013:0509
rpms
  • infinipath-psm-0:3.0.1-115.1015_open.1.el6
  • infinipath-psm-devel-0:3.0.1-115.1015_open.1.el6
  • rdma-0:3.6-1.el6
  • libibverbs-0:1.1.6-5.el6
  • libibverbs-devel-0:1.1.6-5.el6
  • libibverbs-devel-static-0:1.1.6-5.el6
  • libibverbs-utils-0:1.1.6-5.el6
  • libmlx4-0:1.0.4-1.el6
  • libmlx4-static-0:1.0.4-1.el6
  • libibumad-0:1.3.8-1.el6
  • libibumad-devel-0:1.3.8-1.el6
  • libibumad-static-0:1.3.8-1.el6
  • libibmad-0:1.3.9-1.el6
  • libibmad-devel-0:1.3.9-1.el6
  • libibmad-static-0:1.3.9-1.el6
  • opensm-0:3.3.15-1.el6
  • opensm-devel-0:3.3.15-1.el6
  • opensm-libs-0:3.3.15-1.el6
  • opensm-static-0:3.3.15-1.el6
  • ibutils-0:1.5.7-7.el6
  • ibutils-devel-0:1.5.7-7.el6
  • ibutils-libs-0:1.5.7-7.el6
  • ibsim-0:0.5-7.el6
  • ibacm-0:1.0.8-0.git7a3adb7.el6
  • ibacm-devel-0:1.0.8-0.git7a3adb7.el6
  • infiniband-diags-0:1.5.12-5.el6
  • infiniband-diags-devel-0:1.5.12-5.el6
  • infiniband-diags-devel-static-0:1.5.12-5.el6
  • librdmacm-0:1.0.17-0.git4b5c1aa.el6
  • librdmacm-devel-0:1.0.17-0.git4b5c1aa.el6
  • librdmacm-static-0:1.0.17-0.git4b5c1aa.el6
  • librdmacm-utils-0:1.0.17-0.git4b5c1aa.el6
refmap via4
bid 55890
confirm http://git.openfabrics.org/git?p=~shefty/ibacm.git;a=commit;h=c7d28b35d64333c262de3ec972c426423dadccf9
misc https://bugzilla.redhat.com/show_bug.cgi?id=865492
mlist
  • [linux-rdma] 20120413 [ANNOUNCE] ibacm release 1.0.6
  • [oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)
  • [oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)
xf ibacm-connections-dos(79396)
Last major update 29-08-2017 - 01:32
Published 22-10-2012 - 23:55
Back to Top