oss-sec mailing list archives
CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS
From: Cedric Buissart <cbuissar () redhat com>
Date: Mon, 11 Jul 2016 12:11:43 +0200
Hi, This is to disclose the following CVE: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Description : The util-linux libblkid is vulnerable to a Denial of Service attack during MSDOS partition table parsing, in the extended partition boot record (EBR). If the next EBR starts at relative offset 0, parse_dos_extended() will loop until running out of memory. An attacker could install a specially crafted MSDOS partition table in a storage device and trick a user into using it. This library is used, among others, by systemd-udevd daemon. Upstream patch: libblkid: ignore extended partition at zero offset https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=7164a1c3 Impact: Low CVSS3 scoring : AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:H/RL:U/RC:C Reported by: Christian Moch & Michael Gruhn Best Regards, -- Cedric Buissart, Product Security
Current thread:
- CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Cedric Buissart (Jul 11)
- Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Hanno Böck (Jul 11)
- Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Cedric Buissart (Jul 11)
- Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Florian Weimer (Jul 11)
- Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Cedric Buissart (Jul 12)
- Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Cedric Buissart (Jul 11)
- Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS Hanno Böck (Jul 11)