CVE-2011-1163

CVSS v2.0 2.1 (Low)

EPSS 0.04 % (11^th)

Affected Products 7

Advisories 15

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

Weaknesses

CWE-20: Improper Input Validation

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2011-04-10 02:51:19
(13 years ago)
Updated Date: 2023-02-13 01:19:02
(19 months ago)

Affected Products

Linux

Linux Kernel

Redhat

Suse

Linux Enterprise Server

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 2.6.38 version	cpe:2.3:o:linux:linux_kernel		< 2.6.38

Configuration #2

		CPE23	From	Up To
	Suse Linux Enterprise Server 10 SP4	cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss

Configuration #3

		CPE23	From	Up To
	Redhat Enterprise Linux Desktop 5.0	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
	Redhat Enterprise Linux Desktop 6.0	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
	Redhat Enterprise Linux Eus 5.6	cpe:2.3:o:redhat:enterprise_linux_eus:5.6
	Redhat Enterprise Linux Server 5.0	cpe:2.3:o:redhat:enterprise_linux_server:5.0
	Redhat Enterprise Linux Server 6.0	cpe:2.3:o:redhat:enterprise_linux_server:6.0
	Redhat Enterprise Linux Server Aus 5.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6
	Redhat Enterprise Linux Workstation 5.0	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0
	Redhat Enterprise Linux Workstation 6.0	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0