CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3345

ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.0%

CVSS Severity

CVSS v2 Score 2.1

References

Products affected by CVE-2011-3345

Openfabrics » Enterprise Distribution » Version: 1.1

cpe:2.3:a:openfabrics:enterprise_distribution:1.1
Openfabrics » Enterprise Distribution » Version: 1.2.5

cpe:2.3:a:openfabrics:enterprise_distribution:1.2.5
Openfabrics » Enterprise Distribution » Version: 1.3

cpe:2.3:a:openfabrics:enterprise_distribution:1.3
Openfabrics » Enterprise Distribution » Version: 1.3.1

cpe:2.3:a:openfabrics:enterprise_distribution:1.3.1
Openfabrics » Enterprise Distribution » Version: 1.3.2

cpe:2.3:a:openfabrics:enterprise_distribution:1.3.2
Openfabrics » Enterprise Distribution » Version: 1.4

cpe:2.3:a:openfabrics:enterprise_distribution:1.4
Openfabrics » Enterprise Distribution » Version: 1.4.1

cpe:2.3:a:openfabrics:enterprise_distribution:1.4.1
Openfabrics » Enterprise Distribution » Version: 1.4.2

cpe:2.3:a:openfabrics:enterprise_distribution:1.4.2
Openfabrics » Enterprise Distribution » Version: 1.5

cpe:2.3:a:openfabrics:enterprise_distribution:1.5
Openfabrics » Enterprise Distribution » Version: 1.5.1

cpe:2.3:a:openfabrics:enterprise_distribution:1.5.1
Openfabrics » Enterprise Distribution » Version: 1.5.2

cpe:2.3:a:openfabrics:enterprise_distribution:1.5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3345

Products

Pricing

Contact Us