APPLIED: [CVE-2011-1776] Validate size of EFI GUID partition entries

Tim Gardner tim.gardner at
Wed Sep 14 12:54:33 UTC 2011

On 09/14/2011 05:48 AM, Andy Whitcroft wrote:
> CVE-2011-1776
> 	The is_gpt_valid function in fs/partitions/efi.c in the Linux
> 	kernel before 2.6.39 does not check the size of an Extensible
> 	Firmware Interface (EFI) GUID Partition Table (GPT) entry,
> 	which allows physically proximate attackers to cause a denial of
> 	service (heap-based buffer overflow and OOPS) or obtain sensitive
> 	information from kernel heap memory by connecting a crafted GPT
> 	storage device, a different vulnerability than CVE-2011-1577.
> The fix for this issue has hit oneiric and lucid via mainline and
> stable updates.  Following this email are two patches, the first for
> hardy and lucid/fsl-imx51, the second for maverick, maverick/ti-omap4,
> and natty/ti-omap4.  The hardy patch is a minor backport, the maverick
> patch is a simple cherry-pick.
> Proposing for hardy, lucid/fsl-imx51, maverick, maverick/ti-omap4,
> and natty/ti-omap4.
> -apw

Tim Gardner tim.gardner at

More information about the kernel-team mailing list