Bug 873128 (CVE-2014-2739) - VUL-0: CVE-2014-2739: kernel: IB/core: crash while resolving passive side RoCE L2 address in cma req handler
Summary: VUL-0: CVE-2014-2739: kernel: IB/core: crash while resolving passive side RoC...
Status: RESOLVED FIXED
Alias: CVE-2014-2739
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/97770/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-04-11 09:00 UTC by Alexander Bergmann
Modified: 2014-06-05 09:56 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2014-04-11 09:00:46 UTC 
Via rh#1085415:

Linux kernel built with the InfiniBand communication link(CONFIG_INFINIBAND)
along with the support for Remote Direct Memory Access(RDMA) over Convered
Ethernet(RoCE), is vulnerable to a crash caused by invalid memory access.
It occurs while trying to resolve RoCE L2 address on the server side.

A remote unprivileged user/program could use this flaw to crash the kernel,
resulting in DoS.

Upstream fix:
-------------
  -> https://patchwork.kernel.org/patch/3896781/

Issue introduced by commit:
 -> https://git.kernel.org/linus/dd5f03beb4f76ae65d76d8c22a8815e424fc607c

CVE-2014-2739 was assigned to this issue.


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1085415
Comment 1 Swamp Workflow Management 2014-04-11 22:00:31 UTC 
bugbot adjusting priority
Comment 2 John Jolly 2014-06-05 06:03:22 UTC 
Fix submitted for SLE12 on 28 Mar 2014 for bnc#868011

Fix unnecessary for SLE11-SP3 and before.
Comment 3 Johannes Segitz 2014-06-05 09:56:27 UTC 
then we can close this one