CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
5.1%
ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel
package in the InfiniBand driver implementation in OpenFabrics Enterprise
Distribution (OFED) before 1.5.3 does not properly handle certain non-array
variables, which allows local users to cause a denial of service (stack
memory corruption and system crash) by reading the /proc/net/sdpstats file.