libblkid.so is vulnerable to denial of service. The parse_dos_extended
function in partitions/dos.c
allows attackers to cause a denial of service condition through a crafted MSDOS
partition table with an extended partition boot record at zero offset.
CPE | Name | Operator | Version |
---|---|---|---|
libblkid.so | eq | 1.1.0 |
rhn.redhat.com/errata/RHSA-2016-2605.html
www-01.ibm.com/support/docview.wss?uid=isg3T1024543
www-01.ibm.com/support/docview.wss?uid=nas8N1021801
www.openwall.com/lists/oss-security/2016/07/11/2
www.securityfocus.com/bid/91683
www.securitytracker.com/id/1036272
git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3
github.com/karelzak/util-linux/commit/7164a1c34d18831ac61c6744ad14ce916d389b3f