oss-sec mailing list archives
CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables
From: Timo Warns <warns () pre-sense de>
Date: Wed, 23 Feb 2011 13:45:33 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The kernel automatically evaluates partition tables of storage devices. The code for evaluating LDM partitions (in fs/partitions/ldm.c) contains a bug that allows to overflow the kernel heap. It may be possible to escalate privileges by exploiting this bug. (This bug is distinct from the LDM bug reported by Eugene Teo on 2011-02-23.) This should affect both, 2.4 and 2.6 kernel. As a prerequisite, CONFIG_LDM_PARTITION needs to be set. Thanks, Timo - -- Dr. Timo Warns warns () pre-sense de Tel. +49 - 40 - 244 2407 - 16 Fax +49 - 40 - 244 2407 - 24 PRESENSE Technologies GmbH Sachsenstr. 5, D-20097 HH USt-IdNr.: DE263765024 Geschäftsführer/Managing Directors AG Hamburg, HRB 107844 Till Dörges Jürgen Sander Axel Theilmann -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.15 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk1lAW0ACgkQneTPdraGveU9wwCePDVkbSTEk4Ltzc4mjs/3Ci83 5JIAn26q86H3uucoklA5yps8WwJAmrN4 =ssUq -----END PGP SIGNATURE-----
Current thread:
- CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Timo Warns (Feb 23)