Executive Summary

Informations
NameCVE-2011-1012First vendor Publication2011-03-01
VendorCveLast vendor Modification2018-10-09

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score4.9Attack RangeLocal
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted partition table.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1012

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Os1369

OpenVAS Exploits

DateDescription
2011-09-16Name : Ubuntu Update for linux-ti-omap4 USN-1202-1
File : nvt/gb_ubuntu_USN_1202_1.nasl
2011-09-16Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1
File : nvt/gb_ubuntu_USN_1204_1.nasl
2011-08-12Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1
File : nvt/gb_ubuntu_USN_1187_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2264-1 (linux-2.6)
File : nvt/deb_2264_1.nasl
2011-07-18Name : Ubuntu Update for linux USN-1167-1
File : nvt/gb_ubuntu_USN_1167_1.nasl
2011-07-08Name : Ubuntu Update for linux USN-1160-1
File : nvt/gb_ubuntu_USN_1160_1.nasl
2011-06-10Name : Ubuntu Update for linux USN-1146-1
File : nvt/gb_ubuntu_USN_1146_1.nasl
2011-06-06Name : Ubuntu Update for linux USN-1141-1
File : nvt/gb_ubuntu_USN_1141_1.nasl
2011-05-06Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
73037Linux Kernel fs/partitions/ldm.c ldm_parse_vmdb Function LDM Partition Table ...

Nessus® Vulnerability Scanner

DateDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO
2013-03-08Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO
2011-08-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO
2011-07-26Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO
2011-07-14Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-06-30Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO
2011-06-29Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO
2011-06-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1146-1.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/46512
BUGTRAQ http://www.securityfocus.com/archive/1/516615/100/0/threaded
CONFIRM http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2...
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.38-rc6-git6.log
MISC http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt
MLIST http://openwall.com/lists/oss-security/2011/02/23/21
http://openwall.com/lists/oss-security/2011/02/23/4
http://www.spinics.net/lists/mm-commits/msg82429.html
SECTRACK http://www.securitytracker.com/id?1025127
SREASON http://securityreason.com/securityalert/8115
UBUNTU http://www.ubuntu.com/usn/USN-1146-1

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
DateInformations
2018-11-17 12:02:14
  • Multiple Updates
2018-10-30 12:04:00
  • Multiple Updates
2018-10-10 00:19:42
  • Multiple Updates
2016-07-01 11:07:21
  • Multiple Updates
2016-06-29 00:18:38
  • Multiple Updates
2016-06-28 18:34:36
  • Multiple Updates
2016-04-26 20:35:53
  • Multiple Updates
2014-06-14 13:30:27
  • Multiple Updates
2014-02-17 11:00:53
  • Multiple Updates
2013-05-10 22:55:57
  • Multiple Updates