[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-1163Date: (C)2011-04-09   (M)2024-01-04


The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1025225
http://www.securityfocus.com/archive/1/517050
BID-46878
SREASON-8189
RHSA-2011:0833
SUSE-SU-2015:0812
http://www.spinics.net/lists/mm-commits/msg82737.html
http://openwall.com/lists/oss-security/2011/03/15/9
http://openwall.com/lists/oss-security/2011/03/15/14
http://downloads.avaya.com/css/P8/documents/100145416
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
http://www.pre-cert.de/advisories/PRE-SA-2011-02.txt
https://bugzilla.redhat.com/show_bug.cgi?id=688021

CWE    1
CWE-20
OVAL    19
oval:org.secpod.oval:def:201587
oval:org.secpod.oval:def:1503278
oval:org.secpod.oval:def:500195
oval:org.secpod.oval:def:1504437
...

© SecPod Technologies