Denial of Service Vulnerability in Linux Kernel's cma_req_handler Function

Denial of Service Vulnerability in Linux Kernel's cma_req_handler Function

CVE-2014-2739 · MEDIUM Severity

AV:A/AC:H/AU:N/C:N/I:N/A:C

The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service (incorrect pointer dereference and system crash) via crafted network traffic.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.