CVE-2011-1163 Information

Feb 14, 2021 cve

Description

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

Reference

http://downloads.avaya.com/css/P8/documents/100145416 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://openwall.com/lists/oss-security/2011/03/15/14 http://openwall.com/lists/oss-security/2011/03/15/9 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://securityreason.com/securityalert/8189 http://securitytracker.com/id?1025225 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://www.pre-cert.de/advisories/PRE-SA-2011-02.txt http://www.securityfocus.com/archive/1/517050 http://www.securityfocus.com/bid/46878 http://www.spinics.net/lists/mm-commits/msg82737.html https://bugzilla.redhat.com/show_bug.cgi?id=688021

Share on: