Secunia
Login
|
|
CVE Reference: CVE-2011-1776 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2011-1776 |
|
|
Description: The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/8369 MLIST http://openwall.com/lists/oss-security/2011/05/10/4 MISC http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fa039d5f6b126fbd65eefa05db2f67e44df8f121 BID 47796 |
|
| Return to the previous page. |
