CVE-2011-1776 — MEDIUM (6.1)

Q: How severe is CVE-2011-1776?

CVE-2011-1776 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-1776?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.

Vulnerability Description

The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	< 2.6.39
Redhat	Enterprise Linux Desktop	5.0
Redhat	Enterprise Linux Server	5.0
Redhat	Enterprise Linux Server Aus	5.6
Redhat	Enterprise Linux Server Eus	5.6
Redhat	Enterprise Linux Workstation	5.0

Related Weaknesses (CWE)

CWE-119

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
http://openwall.com/lists/oss-security/2011/05/10/4Mailing ListPatchThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2011-0927.htmlThird Party Advisory
http://securityreason.com/securityalert/8369Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39Release NotesVendor Advisory
http://www.pre-cert.de/advisories/PRE-SA-2011-04.txtThird Party Advisory
http://www.securityfocus.com/bid/47796Third Party AdvisoryVDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=703026Issue TrackingPatchThird Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
http://openwall.com/lists/oss-security/2011/05/10/4Mailing ListPatchThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2011-0927.htmlThird Party Advisory
http://securityreason.com/securityalert/8369Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39Release NotesVendor Advisory
http://www.pre-cert.de/advisories/PRE-SA-2011-04.txtThird Party Advisory
http://www.securityfocus.com/bid/47796Third Party AdvisoryVDB Entry

FAQ

What is CVE-2011-1776?

CVE-2011-1776 is a vulnerability with a CVSS score of 6.1 (MEDIUM). The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows phys...

How severe is CVE-2011-1776?

CVE-2011-1776 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-1776?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.