CVE-2016-5011
Published: 11 April 2017
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
Priority
CVSS 3 base score: 4.6
Status
Package | Release | Status |
---|---|---|
util-linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.28.1-1)
|
Ubuntu 21.04 (Hirsute Hippo) |
Not vulnerable
(2.33.1-0.1ubuntu2)
|
|
Ubuntu 20.10 (Groovy Gorilla) |
Not vulnerable
(2.33.1-0.1ubuntu2)
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Not vulnerable
(2.33.1-0.1ubuntu2)
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Not vulnerable
(2.31.1-0.4ubuntu3.3)
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Needed
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Needed
|
|
Patches: Upstream: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=7164a1c34d18831ac61c6744ad14ce916d389b3f Upstream: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=50d1594c2e6142a3b51d2143c74027480df082e0 |