CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
73.4%
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | 2.6.0 | cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:* |
linux | linux_kernel | 2.6.1 | cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:* |
linux | linux_kernel | 2.6.1 | cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:* |
linux | linux_kernel | 2.6.1 | cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:* |
linux | linux_kernel | 2.6.1 | cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:* |
linux | linux_kernel | 2.6.2 | cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:* |
linux | linux_kernel | 2.6.2 | cpe:2.3:o:linux:linux_kernel:2.6.2:rc1:*:*:*:*:*:* |
linux | linux_kernel | 2.6.2 | cpe:2.3:o:linux:linux_kernel:2.6.2:rc2:*:*:*:*:*:* |
linux | linux_kernel | 2.6.2 | cpe:2.3:o:linux:linux_kernel:2.6.2:rc3:*:*:*:*:*:* |
downloads.avaya.com/css/P8/documents/100145416
lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
openwall.com/lists/oss-security/2011/04/12/17
openwall.com/lists/oss-security/2011/04/13/1
rhn.redhat.com/errata/RHSA-2011-0833.html
securityreason.com/securityalert/8238
securitytracker.com/id?1025355
www.securityfocus.com/archive/1/517477/100/0/threaded
www.securityfocus.com/bid/47343
www.spinics.net/lists/mm-commits/msg83274.html
bugzilla.redhat.com/show_bug.cgi?id=695976
exchange.xforce.ibmcloud.com/vulnerabilities/66773