Vulnerability CVE-2011-1776
Published: 2011-09-06   Modified: 2012-02-13

Description:
The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
linux kernel 2.6.38.8 information disclosure, denial-of-service
CERT
09.09.2011

Type:

CWE-119

 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.6/10
7.8/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
Complete
Affected software
Linux -> Kernel 
Linux -> Linux kernel 

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=703026
http://openwall.com/lists/oss-security/2011/05/10/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fa039d5f6b126fbd65eefa05db2f67e44df8f121
http://www.securityfocus.com/bid/47796
http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://securityreason.com/securityalert/8369
http://rhn.redhat.com/errata/RHSA-2011-0927.html
Copyright 2024, cxsecurity.com

 

Back to Top