Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2011-1163

Date: April 9, 2011

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

Language: C

Severity Score

Related Resources (18)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05
https://bugzilla.redhat.com/show_bug.cgi?id=688021
http://www.securityfocus.com/bid/46878
https://nvd.nist.gov/vuln/detail/CVE-2011-1163
http://openwall.com/lists/oss-security/2011/03/15/14
http://www.spinics.net/lists/mm-commits/msg82737.html
http://downloads.avaya.com/css/P8/documents/100145416
http://rhn.redhat.com/errata/RHSA-2011-0833.html
http://www.securityfocus.com/archive/1/517050
http://securitytracker.com/id?1025225
http://openwall.com/lists/oss-security/2011/03/15/9
http://www.pre-cert.de/advisories/PRE-SA-2011-02.txt
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
https://people.canonical.com/~ubuntu-security/cve/CVE-2011-1163
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
https://access.redhat.com/security/cve/CVE-2011-1163
http://securityreason.com/securityalert/8189
https://www.mend.io/vulnerability-database/CVE-2011-1163

Severity Score

Weakness Type (CWE)

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): NONE
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us