CVE-2011-1776 in Kernelinfo

Summary

The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/19/2011

Disclosure

09/06/2011

Moderation

VulDB entry created

Entries

VDB-58440 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

6.5

EPSS

0.00059

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1776
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1776
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1776/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!