gdisk-1.0.3-11.el8
エラータID: AXSA:2022-4240:03
リリース日:
2022/11/29 Tuesday - 13:40
題名:
gdisk-1.0.3-11.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- gdisk の dpt.cc の LoadPartitionTable 関数には、
境界外書き込みの問題があるため、攻撃者により、悪意のある
USB デバイスを介して、特権昇格を可能とする脆弱性が
存在します。(CVE-2020-0256)
- gdisk の basicmbr.cc の ReadLogicalParts 関数には、
境界外書き込みの問題があるため、攻撃者により、悪意のある
ストレージデバイスを介して、特権昇格を可能とする脆弱性が
存在します。(CVE-2021-0308)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-0256
In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-152874864
In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-152874864
CVE-2021-0308
In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.
In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.
追加情報:
N/A
ダウンロード:
SRPMS
- gdisk-1.0.3-11.el8.src.rpm
MD5: 9d1595c966588513a4528ae84ce23cd4
SHA-256: f1f6a75f23a011b5075e44d689029ea8b110a6187b54d3b4dd6e7a2d96c8dd42
Size: 213.74 kB
Asianux Server 8 for x86_64
- gdisk-1.0.3-11.el8.x86_64.rpm
MD5: eb52ba74408d3ba055b3cbd5d5e09747
SHA-256: 358b9ad052f9c84aff598c54c7be79e5cf1d40383d86d0006a614a04a669b9b2
Size: 239.52 kB