#VU44752 Buffer overflow in Linux kernel - CVE-2011-1776
Vulnerability identifier: #VU44752
Vulnerability risk: Medium
CVSSv4.0: 1.8 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local non-authenticated attacker to #BASIC_IMPACT#.
The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 2.6.0 - 2.6.38.8
External links
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fa039d5f6b126fbd65eefa05db2f67e44df8f121
https://openwall.com/lists/oss-security/2011/05/10/4
https://rhn.redhat.com/errata/RHSA-2011-0927.html
https://securityreason.com/securityalert/8369
https://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
https://www.pre-cert.de/advisories/PRE-SA-2011-04.txt
https://www.securityfocus.com/bid/47796
https://bugzilla.redhat.com/show_bug.cgi?id=703026
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
