[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2013-0509 -- Oracle rdma, ibacm, ibsim, ibutils, infiniband-diags, infinipath-psm, libibmad-psm, libibumad, libibverbs, libmlx4, librdmacm, opensm

ID: oval:org.secpod.oval:def:1500082Date: (C)2013-03-20   (M)2023-02-20
Class: PATCHFamily: unix




Updated RDMA packages that fix multiple security issues, various bugs, andadd an enhancement are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are available for each vulnerabilityfrom the CVE links in the References section. Red Hat Enterprise Linux includes a collection of InfiniBand and iWARPutilities, libraries and development packages for writing applicationsthat use Remote Direct Memory Access technology.A denial of service flaw was found in the way ibacm managed referencecounts for multicast connections. An attacker could send specially-craftedmulticast packets that would cause the ibacm daemon to crash.It was found that the ibacm daemon created some files with world-writablepermissions. A local attacker could use this flaw to overwrite thecontents of the ibacm.log or ibacm.port file, allowing them to maskcertain actions from the log or cause ibacm to run on a non-default port.CVE-2012-4518 was discovered by Florian Weimer of the Red Hat ProductSecurity Team and Kurt Seifried of the Red Hat Security Response Team.The InfiniBand/iWARP/RDMA stack components have been upgraded to morerecent upstream versions.This update also fixes the following bugs:* Previously, the "ibnodes -h" command did not show a proper usage message.With this update the problem is fixed and "ibnodes -h" now shows thecorrect usage message. * Previously, the ibv_devinfo utility erroneously showed iWARP cxgb3hardware's physical state as invalid even when the device was working. ForiWARP hardware, the phys_state field has no meaning. This update patchesthe utility to not print out anything for this field when the hardware isiWARP hardware. * Prior to the release of Red Hat Enterprise Linux 6.3, the kernel createdthe InfiniBand device files in the wrong place and a udev rules file wasused to force the devices to be created in the proper place. With theupdate to 6.3, the kernel was fixed to create the InfiniBand device filesin the proper place, and so the udev rules file was removed as no longerbeing necessary. However, a bug in the kernel device creation meant that,although the devices were now being created in the right place, they hadincorrect permissions. Consequently, when users attempted to run an RDMAapplication as a non-root user, the application failed to get the necessarypermissions to use the RDMA device and the application terminated. Thisupdate puts a new udev rules file in place. It no longer attempts to createthe InfiniBand devices since they already exist, but it does correct thedevice permissions on the files. * Previously, using the "perfquery -C" command with a host name caused theperfquery utility to become unresponsive. The list of controllers toprocess was never cleared and the process looped infinitely on a singlecontroller. A patch has been applied to make sure that in the case wherethe user passes in the -C option, the controller list is cleared out oncethat controller has been processed. As a result, perfquery now works asexpected in the scenario described. * The OpenSM init script did not handle the case where there were noconfiguration files under "/etc/rdma/opensm.conf.*". With this update, thescript as been patched and the InfiniBand Subnet Manager, OpenSM, nowstarts as expected in the scenario described. This update also adds the following enhancement:* This update provides an updated mlx4_ib Mellanox driver which includesSingle Root I/O Virtualization support. All users of RDMA are advised to upgrade to these updated packages, whichfix these issues and add this enhancement.

Platform:
Oracle Linux 6
Product:
rdma
ibacm
ibsim
ibutils
infiniband-diags
infinipath-psm
libibmad-psm
libibumad
libibverbs
libmlx4
librdmacm
opensm
Reference:
ELSA-2013-0509
CVE-2012-4517
CVE-2012-4518
CVE    2
CVE-2012-4518
CVE-2012-4517
CPE    14
cpe:/a:openfabrics:ibsim
cpe:/a:openfabrics:ibacm:1.0.7
cpe:/a:openfabrics:ibutils
cpe:/a:openfabrics:opensm
...

© SecPod Technologies