ALAS-2013-256 ---- openmpiID: oval:org.secpod.oval:def:1600312 | Date: (C)2016-05-19 (M)2023-07-28 |
Class: PATCH | Family: unix |
A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack.It was discovered that librdmacm used a static port to connect to the ib_acm service. A local attacker able to run a specially crafted ib_acm service on that port could use this flaw to provide incorrect address resolution information to librmdacm applications.
Platform: |
Amazon Linux AMI |