CVE-2011-1577

Опубликовано: 13 апр. 2011

Источник: redhat

CVSS2: 4.9

Описание

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.

Отчет

This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0833.html, https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise MRG 1	realtime-kernel	Affected
Red Hat Enterprise Linux 5	kernel	Fixed	RHSA-2011:0833	31.05.2011
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2011:1465	22.11.2011
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2011:1253	12.09.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=695976kernel: corrupted GUID partition tables can cause kernel oops

4.9 Medium

CVSS2

Связанные уязвимости

CVE-2011-1577

ubuntu

около 14 лет назад

CVE-2011-1577

nvd

около 14 лет назад

CVE-2011-1577

debian

около 14 лет назад

Heap-based buffer overflow in the is_gpt_valid function in fs/partitio ...

GHSA-2c8x-w9gg-x7v5

github

около 3 лет назад

ELSA-2011-2037

oracle-oval

больше 13 лет назад

ELSA-2011-2037: Unbreakable Enterprise kernel security and bug fix update (MODERATE)

4.9 Medium

CVSS2