oss-sec mailing list archives
Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables
From: Eugene Teo <eugene () redhat com>
Date: Fri, 03 Jun 2011 14:47:39 +0800
On 02/25/2011 04:22 AM, Josh Bressers wrote:
----- Original Message -----On Thu, 2011-02-24 at 09:25 +0800, Eugene Teo wrote:On 02/24/2011 03:59 AM, Josh Bressers wrote:----- Original Message -----The kernel automatically evaluates partition tables of storage devices. The code for evaluating LDM partitions (in fs/partitions/ldm.c) contains a bug that allows to overflow the kernel heap. It may be possible to escalate privileges by exploiting this bug.
[...]
I would still like something along the lines of a proposed patch. I believe you folks (as you're much brighter than me), but I still don't quite grasp the difference. I suspect there is enough public information for MITRE to public a CVE though, so please use CVE-2011-1017.
It was reported that the fix for this is insufficient. I have assigned CVE-2011-2182 to this. See https://lkml.org/lkml/2011/5/6/407. Timo, can you please post the patch here once you have submitted it to lkml for review. Thanks. Eugene
Current thread:
- Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Timo Warns (Apr 12)
- <Possible follow-ups>
- Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Eugene Teo (Jun 02)