oss-sec mailing list archives
Re: CVE request: kernel: validate size of EFI GUID partition entries
From: Josh Bressers <bressers () redhat com>
Date: Mon, 9 May 2011 15:01:06 -0400 (EDT)
----- Original Message -----
The kernel automatically evaluates partition tables of storage devices. The code for evaluating GUID partitions (in fs/partitions/efi.c) contains a bug that can cause a kernel heap overflow on certain corrupted GUID partition tables. http://git.kernel.org/linus/fa039d5f6b126fbd65eefa05db2f67e44df8f121 http://bugzilla.redhat.com/show_bug.cgi?id=703026
Please use CVE-2011-1776
Thanks.
--
JB
Current thread:
- CVE request: kernel: validate size of EFI GUID partition entries Eugene Teo (May 08)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Josh Bressers (May 09)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Eugene Teo (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Timo Warns (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Josh Bressers (May 09)