Redhat released yesterday a new kernel and seems that there is local root hole in (u)verbs implementation. Has anyone figured out is MLNX OFED affected as well? It was found that the Linux kernel’s Infiniband subsystem did not properly sanitize input parameters while registering memory regions fro…

CVE 2014-8159 vulnerability

erezf March 13, 2015, 12:28pm 3

Thanks for the heads up!

Mellanox has released an updated version of the 2.4-1 release to address issue :

Mellanox Products: Mellanox OpenFabrics Enterprise Distribution for Linux (MLNX_OFED) http://www.mellanox.com/page/products_dyn?product_family=26&mtag=linux_sw_drivers

Topic		Replies	Views
What is the status of addressing CVE-2016-4565 Mellanox OFED	0	270	May 16, 2016
Rocky/RHEL 8.10 support Mellanox OFED	1	475	October 31, 2024
OFED suport Oracle Linux 8.9? Mellanox OFED	2	400	May 19, 2024
Support for Kernel 5.10+ ? Mellanox OFED	1	832	July 9, 2021
MLNX_OFED_LINUX installtion Error: Error: The current MLNX_OFED_LINUX is intended for rhel6.4 Mellanox OFED ibv_devices	12	2504	January 13, 2014
I am getting below error on RHEL-5.9 (2.6.18-348.el5) and MLNX_OFED_LINUX-1.5.3-4.0.42, Mellanox OFED	5	282	March 11, 2015
mlx5_ib issue while installing MLNX_OFED_LINUX-5.1-0.6.6.0 to Ubuntu 16.04 LTS with HWE kernel. Software And Drivers	1	303	March 26, 2021
Compile MLNX_OFED 5.1-2.3.7.1 against Kernel 5.8.12? Mellanox OFED	3	819	February 8, 2021
Can't build drivers for OFED 4.9 in RHEL/CentOS 8.6 with 4.18.0-372.19.1.el8_6.x86_64 kernel Mellanox OFED kernel	8	3083	October 26, 2022
MLNX OFED driver build failure for ubuntu-22.04 with latest kernel 5.15.0.84-generic InfiniBand/VPI Switch Systems	3	4272	October 24, 2023