#VU45141 Input validation error in Linux kernel - CVE-2011-1163
Vulnerability identifier: #VU45141
Vulnerability risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 2.6.0 - 2.6.37.6
External links
https://downloads.avaya.com/css/P8/documents/100145416
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05
https://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
https://openwall.com/lists/oss-security/2011/03/15/14
https://openwall.com/lists/oss-security/2011/03/15/9
https://rhn.redhat.com/errata/RHSA-2011-0833.html
https://securityreason.com/securityalert/8189
https://securitytracker.com/id?1025225
https://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
https://www.pre-cert.de/advisories/PRE-SA-2011-02.txt
https://www.securityfocus.com/archive/1/517050
https://www.securityfocus.com/bid/46878
https://www.spinics.net/lists/mm-commits/msg82737.html
https://bugzilla.redhat.com/show_bug.cgi?id=688021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
