{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2012-06-21T23:00:00.000Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/6094628bfd94323fc1cea05ec2c6affd98c18f7f"}, {"name": "[oss-security] 20110303 CVE-2011-1023 kernel: rds: prevent BUG_ON triggering on congestion map updates", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/03/03/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6094628bfd94323fc1cea05ec2c6affd98c18f7f"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680345"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:14:27.170Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/6094628bfd94323fc1cea05ec2c6affd98c18f7f"}, {"name": "[oss-security] 20110303 CVE-2011-1023 kernel: rds: prevent BUG_ON triggering on congestion map updates", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/03/03/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6094628bfd94323fc1cea05ec2c6affd98c18f7f"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680345"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1023", "state": "PUBLISHED", "dateReserved": "2011-02-14T00:00:00.000Z", "datePublished": "2012-06-21T23:00:00.000Z", "dateUpdated": "2024-08-06T22:14:27.170Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "084AC06C-2438-4BD5-A28D-8D24DE515135", "versionEndIncluding": "2.6.37.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:*:*:*:*:*:*:*", "matchCriteriaId": "18CBFC41-E9A9-456C-8A61-8DB2E6CE2E98", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*", "matchCriteriaId": "2EA6C6E6-CAD5-4D43-AD96-66D5ACBB91CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*", "matchCriteriaId": "71905CF7-7C7B-43AC-970D-D3187A807903", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*", "matchCriteriaId": "201421C9-E054-4FEB-A37A-8C314F242FBC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*", "matchCriteriaId": "F157225D-C62C-465D-A758-DE6A6C48C397", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*", "matchCriteriaId": "77BB49A9-39D0-49C4-A241-D1537590F508", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37.1:*:*:*:*:*:*:*", "matchCriteriaId": "CF9A28CB-B307-4D0B-AC45-73964F766B09", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37.2:*:*:*:*:*:*:*", "matchCriteriaId": "51838021-099C-4135-94E6-EC0276BAB750", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37.3:*:*:*:*:*:*:*", "matchCriteriaId": "E0F4EBC4-1C6D-428C-9F23-8508EBBD3588", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37.4:*:*:*:*:*:*:*", "matchCriteriaId": "B86233BC-2B7D-44EB-8253-458E89046B17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37.5:*:*:*:*:*:*:*", "matchCriteriaId": "110BB215-C869-4BEB-962D-81A1F9F896B6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation."}, {"lang": "es", "value": "El subsistema 'Reliable Datagram Sockets' (SDR) del kernel de Linux en versiones anteriores a v2.6.38 no gestiona correctamente las actualizaciones del mapa de congestiones, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de vectores relacionados con (1) una opeeraci\u00f3n de transmisi\u00f3n 'loopback' (loop) o (2) una operaci\u00f3n de transmisi\u00f3n 'InfiniBand' (ib)."}], "id": "CVE-2011-1023", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-06-21T23:55:01.943", "references": [{"source": "secalert@redhat.com", "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"}, {"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6094628bfd94323fc1cea05ec2c6affd98c18f7f"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/03/03/2"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680345"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/torvalds/linux/commit/6094628bfd94323fc1cea05ec2c6affd98c18f7f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6094628bfd94323fc1cea05ec2c6affd98c18f7f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/03/03/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://github.com/torvalds/linux/commit/6094628bfd94323fc1cea05ec2c6affd98c18f7f"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0542", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-131.0.15.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-05-19T00:00:00Z"}], "bugzilla": {"description": "kernel: BUG_ON() in rds_send_xmit()", "id": "680345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680345"}, "csaw": false, "cvss": {"cvss_base_score": "4.9", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "status": "verified"}, "details": ["The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation."], "name": "CVE-2011-1023", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_mrg:1", "fix_state": "Affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 1"}], "public_date": "2011-03-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-1023\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-1023"], "statement": "The Linux kernel as shipped with Red Hat Enterprise Linux 4 and Red Hat Enterprise MRG did not include support for the RDS Protocol, and therefore are\nnot affected by this issue. The Linux kernel as shipped with Red Hat Enterprise Linux 5 and 6 are not affected as they did not backport upstream commit 2e7b3b99 and 77dd550e that introduced this issue.", "threat_severity": "Moderate"}

{}