Release date:
Updated on:
Affected Systems:
Linux kernel 2.6.x
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2011-1017
Linux Kernel is the Kernel used by open source Linux.
Linux Kernel has a buffer overflow vulnerability in LDM partition processing. Local attackers can exploit this vulnerability to control affected systems.
This vulnerability is caused by an error in the "ldm_frag_add ()" function in fs/partitions/ldm. c. you can insert a USB device with a dedicated LDM partition to cause a buffer overflow.
<* Source: Timo Warns
Link: http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.kernel.org/