CVE-2011-1017 - OpenCVE

Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

No data.

References

Link	Providers
http://openwall.com/lists/oss-security/2011/02/23/16
http://openwall.com/lists/oss-security/2011/02/24/14
http://openwall.com/lists/oss-security/2011/02/24/4
http://secunia.com/advisories/43716
http://secunia.com/advisories/43738
http://securityreason.com/securityalert/8115
http://securitytracker.com/id?1025128
http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt
http://www.securityfocus.com/archive/1/516615/100/0/threaded
http://www.securityfocus.com/bid/46512
http://www.ubuntu.com/usn/USN-1146-1

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-03-01T22:00:00

Updated: 2024-08-06T22:14:27.031Z

Reserved: 2011-02-14T00:00:00

Link: CVE-2011-1017

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2011-03-01T23:00:03.143

Modified: 2020-08-07T19:28:44.533

Link: CVE-2011-1017

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-23T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "USN-1146-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1146-1"}, {"name": "46512", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46512"}, {"name": "8115", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8115"}, {"name": "[oss-security] 20110223 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/02/24/4"}, {"name": "1025128", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1025128"}, {"name": "[oss-security] 20110223 CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/02/23/16"}, {"name": "20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516615/100/0/threaded"}, {"name": "43738", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43738"}, {"name": "[oss-security] 20110224 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/02/24/14"}, {"tags": ["x_refsource_MISC"], "url": "http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt"}, {"name": "43716", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43716"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-1017", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-1146-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1146-1"}, {"name": "46512", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46512"}, {"name": "8115", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8115"}, {"name": "[oss-security] 20110223 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/02/24/4"}, {"name": "1025128", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1025128"}, {"name": "[oss-security] 20110223 CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/02/23/16"}, {"name": "20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516615/100/0/threaded"}, {"name": "43738", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43738"}, {"name": "[oss-security] 20110224 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/02/24/14"}, {"name": "http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt", "refsource": "MISC", "url": "http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt"}, {"name": "43716", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43716"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:14:27.031Z"}, "title": "CVE Program Container", "references": [{"name": "USN-1146-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1146-1"}, {"name": "46512", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46512"}, {"name": "8115", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8115"}, {"name": "[oss-security] 20110223 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/02/24/4"}, {"name": "1025128", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1025128"}, {"name": "[oss-security] 20110223 CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/02/23/16"}, {"name": "20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516615/100/0/threaded"}, {"name": "43738", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43738"}, {"name": "[oss-security] 20110224 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/02/24/14"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt"}, {"name": "43716", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43716"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1017", "datePublished": "2011-03-01T22:00:00", "dateReserved": "2011-02-14T00:00:00", "dateUpdated": "2024-08-06T22:14:27.031Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "426D3BDC-F64D-41EF-92EC-E2465BEB8E1E", "versionEndExcluding": "2.6.37.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en memoria din\u00e1mica en la funci\u00f3n ldm_frag_add en fs/partitions/ldm.c en el kernel de Linux v2.6.37.2 y anteriores, podr\u00eda permitir a usuarios locales conseguir privilegios u obtener informaci\u00f3n sensible a trav\u00e9s de una tabla de particiones LDM manipulada."}], "id": "CVE-2011-1017", "lastModified": "2020-08-07T19:28:44.533", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-03-01T23:00:03.143", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2011/02/23/16"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2011/02/24/14"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2011/02/24/4"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/43716"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/43738"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://securityreason.com/securityalert/8115"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1025128"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt"}, {"source": "secalert@redhat.com", "tags": ["Not Applicable"], "url": "http://www.securityfocus.com/archive/1/516615/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/46512"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1146-1"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}