Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2022:7700

Опубликовано: 08 нояб. 2022
Источник: rocky
Оценка: Moderate

Описание

Moderate: gdisk security update

The gdisk packages provide the gdisk partitioning utility for GUID Partition Table (GPT) disks. The utility features a command-line interface similar to fdisk, direct manipulation of partition table structures, recovery tools to deal with corrupt partition tables, and the ability to convert Master Boot Record (MBR) disks to the GPT format.

Security Fix(es):

  • gdisk: possible out-of-bounds-write in LoadPartitionTable of gpt.cc (CVE-2020-0256)

  • gdisk: possible out-of-bounds-write in ReadLogicalParts of basicmbr.cc (CVE-2021-0308)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
gdiskx86_6411.el8gdisk-1.0.3-11.el8.x86_64.rpm

Показывать по

Связанные CVE

CVE-2020-0256
CVE-2021-0308

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2022-7700

oracle-oval
больше 2 лет назад

ELSA-2022-7700: gdisk security update (MODERATE)

ubuntu логотип

CVE-2021-0308

CVSS3: 6.8
ubuntu
больше 4 лет назад

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.

redhat логотип

CVE-2021-0308

CVSS3: 6.8
redhat
больше 3 лет назад

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.

nvd логотип

CVE-2021-0308

CVSS3: 6.8
nvd
больше 4 лет назад

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.

debian логотип

CVE-2021-0308

CVSS3: 6.8
debian
больше 4 лет назад

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds ...