Ubuntu Security: USN-1234-1 Low: gparted Buffer Overflow Vulnerability
Jan 28, 2021
•
LinuxSecurity Advisories
1 min read
The package gptfdisk before version 1.0.6-1 is vulnerable to arbitrary code execution.
Arch Linux Security Advisory ASA-202101-34 ========================================= Severity: Medium Date : 2021-01-20 CVE-ID : CVE-2021-0308 Package : gptfdisk Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1435 Summary ====== The package gptfdisk before version 1.0.6-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 1.0.6-1. # pacman -Syu "gptfdisk>=1.0.6-1" The problem has been fixed upstream in version 1.0.6. Workaround ========= None. Description ========== A security issue was found in GPT fdisk before version 1.0.6. In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. Impact ===== A badly formatted MBR disk could execute arbitrary code. References ========= https://source.android.com/docs/security/bulletin/2021-01-01 https://security.archlinux.org/CVE-2021-0308
PREVIOUS
NEXT
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!