CVE-2011-1776

Published: Sep 6, 2011Modified: Apr 29, 2026

6.1

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Exploitability: 0.9 / Impact: 5.2

Source: NVD

Description

The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.

Affected (6)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Workstation

1 product

5 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Workstation

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.39

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Server Aus	Version 5.6
Redhat Enterprise Linux Server Eus	Version 5.6
Redhat Enterprise Linux Workstation	Version 5.0

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (16)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121

Source: secalert@redhat.com

http://openwall.com/lists/oss-security/2011/05/10/4

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2011-0927.html

Source: secalert@redhat.com

Third Party Advisory

http://securityreason.com/securityalert/8369

Source: secalert@redhat.com

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

Source: secalert@redhat.com

Release NotesVendor Advisory

http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/47796

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=703026

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2011/05/10/4

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2011-0927.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://securityreason.com/securityalert/8369

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/47796

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=703026

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

Timeline

No history available yet.