oss-sec mailing list archives
Re: CVE request: kernel: validate size of EFI GUID partition entries
From: Timo Warns <warns () pre-sense de>
Date: Tue, 10 May 2011 09:28:30 +0200
Hi, from my point of view, these are different bugs: CVE-2011-1577 addresses the overall header size used for a CRC32 computation. CVE-2011-1776 addresses the size of partition entries used for allocating a data structure. Of course, one could argue that this is only one issue "missing input validation on GUID partition tables". Cheers, Timo Am 10.05.2011 09:18, schrieb Sebastian Krahmer:
Hi, Is this really different than what was assigned CVE-2011-1577 to? See http://www.spinics.net/lists/mm-commits/msg83274.html or the text on the OSS mail on April 12th which reads exactly the same. Sebastian On Mon, May 09, 2011 at 03:01:06PM -0400, Josh Bressers wrote:----- Original Message -----The kernel automatically evaluates partition tables of storage devices. The code for evaluating GUID partitions (in fs/partitions/efi.c) contains a bug that can cause a kernel heap overflow on certain corrupted GUID partition tables. http://git.kernel.org/linus/fa039d5f6b126fbd65eefa05db2f67e44df8f121 http://bugzilla.redhat.com/show_bug.cgi?id=703026Please use CVE-2011-1776 Thanks. -- JB
Current thread:
- CVE request: kernel: validate size of EFI GUID partition entries Eugene Teo (May 08)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Josh Bressers (May 09)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Eugene Teo (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Timo Warns (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer (May 10)
- Re: CVE request: kernel: validate size of EFI GUID partition entries Josh Bressers (May 09)