CVE-2011-1577 Information

Description

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.

Reference

http://downloads.avaya.com/css/P8/documents/100145416 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html http://openwall.com/lists/oss-security/2011/04/12/17 http://openwall.com/lists/oss-security/2011/04/13/1 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://securityreason.com/securityalert/8238 http://securitytracker.com/id?1025355 http://www.securityfocus.com/archive/1/517477/100/0/threaded http://www.securityfocus.com/bid/47343 http://www.spinics.net/lists/mm-commits/msg83274.html https://bugzilla.redhat.com/show_bug.cgi?id=695976 https://exchange.xforce.ibmcloud.com/vulnerabilities/66773