Difference between revisions of "EGI CSIRT:Alerts/rds-rdma-2010-11-02"
Jump to navigation
Jump to search
Line 1: | Line 1: | ||
'''========== DRAFT ===========''' | |||
<pre> | <pre> | ||
** WHITE information - Unlimited distribution allowed ** | ** WHITE information - Unlimited distribution allowed ** | ||
Line 20: | Line 21: | ||
But locally it's probably exploitable on any machine. | But locally it's probably exploitable on any machine. | ||
Note that the kernel update fixing CVE-2010-3904 does *not* fix CVE-2010-3865. | |||
The EGI CSIRT considers this to be a High vulnerability. | |||
Details | |||
======= | |||
</pre> | </pre> |
Revision as of 16:17, 2 November 2010
========== DRAFT ===========
** WHITE information - Unlimited distribution allowed ** ** see https://wiki.egi.eu/wiki/EGI_CSIRT:TLP for distribution restrictions ** EGI CSIRT ADVISORY [EGI-ADV-20101102] Title: HIGH Vulnerability CVE-2010-3865 kernel: iovec integer overflow in net/rds/rdma.c [EGI-ADV-20101102] Date: November 01, 2010 Last update: November 01, 2010 URL: https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts/liblinker-2010-10-23 Introduction ============ Another problem in the RDS-Module is detected: https://bugzilla.redhat.com/show_bug.cgi?id=647416 it looks like they think it might even be possible to remotely exploit this over an Infiniband network ("Access Vector: Adjacent"). But, presumably, for this to be exploitable *over the network*, the victim host would have to listen on an RDS socket, which should be very rare. But locally it's probably exploitable on any machine. Note that the kernel update fixing CVE-2010-3904 does *not* fix CVE-2010-3865. The EGI CSIRT considers this to be a High vulnerability. Details =======