CVE-2011-1776 (retired)

Priority
Description
The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before
2.6.39 does not check the size of an Extensible Firmware Interface (EFI)
GUID Partition Table (GPT) entry, which allows physically proximate
attackers to cause a denial of service (heap-based buffer overflow and
OOPS) or obtain sensitive information from kernel heap memory by connecting
a crafted GPT storage device, a different vulnerability than CVE-2011-1577.
Ubuntu-Description
Timo Warns discovered that the EFI GUID partition table was not correctly
parsed. A physically local attacker that could insert mountable devices
could exploit this to crash the system or possibly gain root privileges.
Package
Upstream:released (2.6.39~rc7)
Package
Upstream:released (2.6.39~rc7)
Package
Upstream:released (2.6.39~rc7)
Package
Upstream:released (2.6.39~rc7)
Package
Upstream:released (2.6.39~rc7)
Package
Upstream:released (2.6.39~rc7)
Package
Upstream:released (2.6.39~rc7)
More Information

Updated: 2019-03-26 11:56:28 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)