CVE-2011-1163

EPSS 0.11%
Published 10.04.2011 02:51:19
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

Affected products Warnungen 0 Metrics 2 CWE 1 References 17

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 2.6.38

Suse ≫ Linux Enterprise Server Version10 Updatesp4 SwEditionltss

Redhat ≫ Enterprise Linux Desktop Version5.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Eus Version5.6

Redhat ≫ Enterprise Linux Server Version5.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Server Aus Version5.6

Redhat ≫ Enterprise Linux Workstation Version5.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.26

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38

Broken Link

http://downloads.avaya.com/css/P8/documents/100145416

Third Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Third Party Advisory

Mailing List

http://openwall.com/lists/oss-security/2011/03/15/14

Patch

Third Party Advisory

Mailing List