Your submission was sent successfully! Close

CVE-2016-5011

Published: 11 April 2017

The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.

Priority

Low

CVSS 3 base score: 4.6

Status

Package Release Status
util-linux
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(2.31.1-0.4ubuntu3.3)
cosmic Not vulnerable
(2.32-0.1ubuntu2)
disco Not vulnerable
(2.33.1-0.1ubuntu2)
eoan Not vulnerable
(2.33.1-0.1ubuntu2)
focal Not vulnerable
(2.33.1-0.1ubuntu2)
groovy Not vulnerable
(2.33.1-0.1ubuntu2)
hirsute Not vulnerable
(2.33.1-0.1ubuntu2)
impish Not vulnerable
(2.33.1-0.1ubuntu2)
jammy Not vulnerable
(2.33.1-0.1ubuntu2)
precise Ignored
(end of ESM support, was needed)
trusty Needed

upstream
Released (2.28.1-1)
wily Ignored
(reached end-of-life)
xenial
Released (2.27.1-6ubuntu3.10+esm2)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)
Patches:
upstream: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=7164a1c34d18831ac61c6744ad14ce916d389b3f
upstream: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=50d1594c2e6142a3b51d2143c74027480df082e0