CVE-2011-1023

Опубликовано: 02 мар. 2011

Источник: redhat

CVSS2: 4.9

EPSS Низкий

Описание

The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation.

Отчет

The Linux kernel as shipped with Red Hat Enterprise Linux 4 and Red Hat Enterprise MRG did not include support for the RDS Protocol, and therefore are not affected by this issue. The Linux kernel as shipped with Red Hat Enterprise Linux 5 and 6 are not affected as they did not backport upstream commit 2e7b3b99 and 77dd550e that introduced this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise MRG 1	realtime-kernel	Affected
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2011:0542	19.05.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=680345kernel: BUG_ON() in rds_send_xmit()

EPSS

Процентиль: 36%

0.00151

Низкий

4.9 Medium

CVSS2

Связанные уязвимости

CVE-2011-1023

ubuntu

около 13 лет назад

CVE-2011-1023

nvd

около 13 лет назад

CVE-2011-1023

debian

около 13 лет назад

The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel befo ...

GHSA-v9vf-hr4f-r4g4

github

около 3 лет назад

ELSA-2011-2016

oracle-oval

около 14 лет назад

ELSA-2011-2016: Unbreakable Enterprise kernel security fix update (IMPORTANT)

EPSS

Процентиль: 36%

0.00151

Низкий

4.9 Medium

CVSS2