cpe:/a:openfabrics:enterprise_distribution:1.1 cpe:/a:openfabrics:enterprise_distribution:1.2.5 cpe:/a:openfabrics:enterprise_distribution:1.3 cpe:/a:openfabrics:enterprise_distribution:1.3.1 cpe:/a:openfabrics:enterprise_distribution:1.3.2 cpe:/a:openfabrics:enterprise_distribution:1.4 cpe:/a:openfabrics:enterprise_distribution:1.4.1 cpe:/a:openfabrics:enterprise_distribution:1.4.2 cpe:/a:openfabrics:enterprise_distribution:1.5 cpe:/a:openfabrics:enterprise_distribution:1.5.1 cpe:/a:openfabrics:enterprise_distribution:1.5.2 CVE-2011-3345 2011-09-19T08:02:57.073-04:00 2017-08-28T21:30:10.350-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2011-09-19T13:36:00.000-04:00 SECUNIA 45861 BID 49486 MLIST [oss-security] 20110906 CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash MLIST [oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash CONFIRM http://git.openfabrics.org/git?p=ofed_1_5/linux-2.6.git;a=commit;h=04bb801a31825d1559c4670253e1bea1291a1af8 XF ofed-sdpstats-dos(69631) ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.