CVE-2011-1017 — Vulnetix

Try Vulnetix Request Demo

CVE-2011-1017 PUBLISHED CVSS 8.600000381469727 HIGH

Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table.

EPSS 0.06% · 18.7th percentile

Risk Scores

CVSS v4.0

8.600000381469727

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.06%

18.7th percentile

Affected Products

Vendor	Product	Versions
canonical	ubuntu_linux	8.04
linux	linux_kernel	0
n/a	n/a	n/a

Timeline

Mar 1, 2011 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

USN-1146-1 vendor-advisory
46512 vdb
8115 third-party-advisory
[oss-security] 20110223 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables mailing-list
1025128 vdb
[oss-security] 20110223 CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables mailing-list
20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables mailing-list
43738 third-party-advisory
[oss-security] 20110224 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables mailing-list
http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt url
43716 third-party-advisory
https://nvd.nist.gov/vuln/detail/CVE-2011-1017 advisory

Open in Interactive Console →