Buffer overflow vulnerability in ldm_frag_add function in Linux kernel before 2.6.39.1

Buffer overflow vulnerability in ldm_frag_add function in Linux kernel before 2.6.39.1

CVE-2011-2182 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.