CVE-2016-5011

Published: Apr 11, 2017Modified: May 13, 2026

4.6

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.

Affected (19)

Products: Kernel: Util Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Ibm: Powerkvm, Power Hardware Management Console

Kernel

1 product

Util Linux

Redhat

6 products

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Tus

Enterprise Linux Workstation

Ibm

2 products

Powerkvm

Power Hardware Management Console

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kernel Util Linux	Up to 2.28

Configuration B

15 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Eus	Version 7.3
Redhat Enterprise Linux Eus	Version 7.4
Redhat Enterprise Linux Eus	Version 7.5
Redhat Enterprise Linux Eus	Version 7.6
Redhat Enterprise Linux Eus	Version 7.7
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Aus	Version 7.3
Redhat Enterprise Linux Server Aus	Version 7.4
Redhat Enterprise Linux Server Aus	Version 7.6
Redhat Enterprise Linux Server Aus	Version 7.7
Redhat Enterprise Linux Server Tus	Version 7.3
Redhat Enterprise Linux Server Tus	Version 7.6
Redhat Enterprise Linux Server Tus	Version 7.7
Redhat Enterprise Linux Workstation	Version 7.0