** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New => Invalid
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New => Fix Released
** Description changed:
The InfiniBand (IB) implementation in the Linux kernel package before
2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly
restrict use of User Verbs for registration of memory regions, which
allows local users to access arbitrary physical memory locations, and
consequently cause a denial of service (system crash) or gain
privileges, by leveraging permissions on a uverbs device under
/dev/infiniband/.
- Break-Fix: - -
+ Break-Fix: - local-2014-8159
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1413741
Title:
CVE-2014-8159
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1413741/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
