[CVE-2011-1577] fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops
Stefan Bader
stefan.bader at canonical.com
Fri Jun 10 11:18:56 UTC 2011
On 10.06.2011 12:05, Andy Whitcroft wrote:
> CVE-2011-1577
>
> Heap-based buffer overflow in the is_gpt_valid function in
> fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows
> physically proximate attackers to cause a denial of service (OOPS)
> or possibly have unspecified other impact via a crafted size of
> the EFI GUID partition-table header on removable media.
>
> This vunerability is fixed by the upstream commit below:
>
> commit 3eb8e74ec72736b9b9d728bad30484ec89c91dde
> Author: Timo Warns <Warns at pre-sense.de>
> Date: Thu May 26 16:25:57 2011 -0700
>
> fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops
>
> Following this email are patches for Hardy; Lucid and Lucid/fsl-imx51;
> and Maverick, Maverick/ti-omap4, Natty and Natty/ti-omap4. Those for
> Maverick and Natty are clean cherry-picks from mainline, the remainder
> are backports.
>
> Proposing for Hardy, Lucid, Lucid/fsl-imx51, Maverick, Maveric/ti-omap4, Natty,
> and Natty/ti-omap4.
>
> Also needed for Lucid/ec2, Lucid/mvl-dove, and Maverick/mvl-dove which
> will get it from their parent branch.
>
> -apw
>
So for Hardy there is only hardsect_size... Otherwise the code section looks
like upstream. Sounds like a valid approximation.
Acked-by: Stefan Bader <stefan.bader at canonical.com>
More information about the kernel-team
mailing list