Content Spoofing

librdmacm is vulnerable to content spoofing. A static port 6125 is used to connect to the ibacm service by default. This allows a local attacker to host a malicious ibacm service on the same port to provide incorrect address resolution information to all librmdacm applications...

Amazon Linux AMI : openmpi (ALAS-2013-256)

A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack. It was discovered that librdmacm used a static port to connect to the ibacm service. A local attacker able to r...

ibutils, infinipath, libibverbs, libmlx4, librdmacm, mpitests, mstflint, openmpi, perftest, qperf, rdma security update

CentOS Errata and Security Advisory CESA-2013:1661 Updated rdma, libibverbs, libmlx4, librdmacm, qperf, perftest, openmpi, compat-openmpi, infinipath-psm, mpitests, and rds-tools packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat...

librdmacm: Tried to connect to port 6125 if ibacm.port was not found

librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ibacm service...

CVE-2012-4516

librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ibacm service...

Design/Logic Flaw

librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ibacm service...

CVE-2012-4516

Removed by vendor...