PT-2011-3231 · Linux+2 · Linux Kernel+2

Published

2011-05-03

Updated

2024-06-15

CVE-2011-1577

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.39

Description The issue is related to a heap-based buffer overflow in the is gpt valid function, which can be triggered by a crafted size of the EFI GUID partition-table header on removable media. This can cause a denial of service or possibly have other unspecified impacts. The estimated number of potentially affected devices is not provided.

Recommendations For Linux kernel versions prior to 2.6.39, update to version 2.6.39 or later to resolve the issue. As a temporary workaround, consider restricting access to removable media to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2011-1577

DSA-2264-1

OPENSUSE-SU-2024:10128-1

RHSA-2011:0833

RHSA-2011:1253

RHSA-2011:1465

RHSA-2011_0833

RHSA-2011_1465

USN-1170-1

USN-1183-1

USN-1187-1

USN-1193-1

USN-1202-1

USN-1203-1

USN-1204-1

USN-1208-1

USN-1212-1

USN-1216-1

USN-1218-1

USN-1256-1

Affected Products

Linux Kernel

Red Hat

Suse

PT-2011-3231 · Linux+2 · Linux Kernel+2

CVE-2011-1577

Weakness Enumeration

Related Identifiers

Affected Products

References · 146