CVE-2011-1163

Name: CVE-2011-1163
Description: The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
References: DSA-2240-1, DSA-2264-1
NVD severity: low (attack range: local)

The information below is based on the following data on fixed versions.

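| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| linux-2.6 | source | (unstable) | 2.6.38-1 | low | | |
| linux-2.6 | source | lenny | 2.6.26-26lenny3 | low | DSA-2264-1 | |
| linux-2.6 | source | squeeze | 2.6.32-34squeeze1 | low | DSA-2240-1 | |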
