Mellanox had a release of their OFED on Friday which included the relevant patch. 2.4-1.0.4 http://www.mellanox.com/page/products_dyn?product_family=26&mtag=linux_sw_drivers
On 14 March 2015 at 00:27, Chris Samuel <[email protected]> wrote: > Happiness and joy - this bug appears to be in all distros and OFEDs. > > https://access.redhat.com/security/cve/CVE-2014-8159 > > # It was found that the Linux kernel's Infiniband subsystem > # did not properly sanitize input parameters while registering > # memory regions from user space via the (u)verbs API. A local > # user with access to a /dev/infiniband/uverbsX device could use > # this flaw to crash the system or, potentially, escalate their > # privileges on the system. > # > # Find out more about CVE-2014-8159 from the MITRE CVE dictionary > # and NIST NVD. > # > # Statement > # > # This issue does affect the Linux kernel packages as shipped > # with Red Hat Enterprise Linux 5, 6, and 7, and Red Hat > # Enterprise MRG 2. Future Linux kernel updates for the > # respective releases will address this issue. > > Of course if you use a 3rd party OFED stack you'll need to look to them for > any fixes (if available). > > -- > Christopher Samuel Senior Systems Administrator > VLSCI - Victorian Life Sciences Computation Initiative > Email: [email protected] Phone: +61 (0)3 903 55545 > http://www.vlsci.org.au/ http://twitter.com/vlsci > > _______________________________________________ > Beowulf mailing list, [email protected] sponsored by Penguin Computing > To change your subscription (digest mode or unsubscribe) visit > http://www.beowulf.org/mailman/listinfo/beowulf >
_______________________________________________ Beowulf mailing list, [email protected] sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
