Bug 865483 (CVE-2012-4516)

Summary: CVE-2012-4516 librdmacm: Tried to connect to port 6125 if ibacm.port was not found
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: dledford, fenlason, fweimer
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 866221 (view as bug list) Environment:
Last Closed: 2013-11-22 03:17:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 865510, 866221    
Bug Blocks: 865513, 974906    

Description Jan Lieskovsky 2012-10-11 14:49:16 UTC
A security flaw was found in the way librdmacm, a userspace RDMA Communication Managment API allowing to specify connections using TCP/IP addresses even though it opens RDMA specific connections, performed binding to the underlying ib_acm service (librdmacm used default port value of 6125 to bind to ib_acm service). An attacker able to run a rogue ib_acm service could use this flaw to make librdmacm applications to use potentially bogus address resolution information.

Upstream patch:
[1] http://git.openfabrics.org/git?p=~shefty/librdmacm.git;a=commitdiff;h=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d


This issue was discovered by Florian Weimer of Red Hat Product Security Team.

Comment 1 Jan Lieskovsky 2012-10-11 14:51:18 UTC
This issue did not affect the version of the librdmacm package, as shipped with Red Hat Enterprise Linux 5.


This issue affects the version of the librdmacm package, as shipped with Red Hat Enterprise Linux 6.


This issue affects the versions of the librdmacm package, as shipped with Fedora release of 16 and 17. Please schedule an update.

Comment 2 Jan Lieskovsky 2012-10-11 15:51:41 UTC
CVE Request:
[2] http://www.openwall.com/lists/oss-security/2012/10/11/6

Comment 3 Jan Lieskovsky 2012-10-11 15:53:19 UTC
Created librdmacm tracking bugs for this issue

Affects: fedora-all [bug 865510]

Comment 4 Vincent Danen 2012-10-11 21:16:33 UTC
This was assigned CVE-2012-4516.

Comment 7 errata-xmlrpc 2013-11-21 21:33:14 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:1661 https://rhn.redhat.com/errata/RHSA-2013-1661.html

Comment 8 Huzaifa S. Sidhpurwala 2013-11-22 03:17:39 UTC