The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel prior to 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate malicious users to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux workstation 5.0 |
||
redhat enterprise linux desktop 5.0 |
||
redhat enterprise linux server aus 5.6 |
||
redhat enterprise linux server eus 5.6 |