Lucene search

K

Ubuntu.comUB:CVE-2014-2739

HistoryApr 14, 2014 - 12:00 a.m.

CVE-2014-2739

2014-04-1400:00:00

ubuntu.com

ubuntu.com

10

4.6 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:N/I:N/A:C

0.005 Low

EPSS

Percentile

77.1%

The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux
kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged
Ethernet (aka RoCE) address that is properly resolved within a different
module, which allows remote attackers to cause a denial of service
(incorrect pointer dereference and system crash) via crafted network
traffic.

Bugs

<https://launchpad.net/bugs/1306286>

Notes

Author	Note
jdstrand	android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels

References

www.openwall.com/lists/oss-security/2014/04/10/9

launchpad.net/bugs/cve/CVE-2014-2739

nvd.nist.gov/vuln/detail/CVE-2014-2739

security-tracker.debian.org/tracker/CVE-2014-2739

www.cve.org/CVERecord?id=CVE-2014-2739

4.6 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:N/I:N/A:C

0.005 Low

EPSS

Percentile

77.1%

Related for UB:CVE-2014-2739

prion1 cvelist1 debiancve1 seebug1 nvd1 cve1