Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Linux kernel: denial of service via cma_req_handler

April 2014 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can send an InfiniBand RDMA packet, in order to
generate an error in the cma_req_handler() function of the Linux
kernel, in order to trigger a denial of service.

Impacted products: Linux

Severity: 2/4

Creation date: 08/04/2014

DESCRIPTION OF THE VULNERABILITY

The InfiniBand technology is used to transmit data efficiently,
using for example RDMA (Remote Direct Memory Access).

The RoCE (RDMA over Converged Ethernet) protocol is also used to
remotely access to the memory.

However, when both are enabled on the Linux kernel, the code
managing RDMA is redundant in the cma_req_handler() InfiniBand
function.

An attacker can therefore send an InfiniBand RDMA packet, in order
to generate an error in the cma_req_handler() function of the
Linux kernel, in order to trigger a denial of service.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-cma-req-handler-14551


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts