Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 768762 (CVE-2021-0308) - <sys-apps/gptfdisk-1.0.6: Out of bounds write in ReadLogicalParts (CVE-2021-0308)
Summary: <sys-apps/gptfdisk-1.0.6: Out of bounds write in ReadLogicalParts (CVE-2021-0...
Status: RESOLVED FIXED
Alias: CVE-2021-0308
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B1 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-02-05 04:06 UTC by Sam James
Modified: 2021-05-26 08:05 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2021-02-05 04:06:03 UTC
Description:
"In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095."

See https://sourceforge.net/p/gptfdisk/mailman/message/37196701/.
Comment 1 Sam James archtester gentoo-dev Security 2021-02-05 04:06:47 UTC
I'm not sure how exploitable this is without control over a disk in the first place. So, I'll call it B1 for now, but I think we need to discuss this.
Comment 2 Thomas Deutschmann gentoo-dev Security 2021-02-14 14:42:30 UTC
@ maintainer(s): Could you please bump to v1.0.6.1 first (https://sourceforge.net/p/gptfdisk/code/ci/f063fe08e424c99f133df18bf9dce49c851bcb0a/) before stabilize?
Comment 3 Sam James archtester gentoo-dev Security 2021-02-15 08:40:03 UTC
ppc64 done
Comment 4 Sam James archtester gentoo-dev Security 2021-02-16 19:20:46 UTC
arm done
Comment 5 Rolf Eike Beer archtester 2021-02-16 20:14:05 UTC
sparc stable
Comment 6 Sam James archtester gentoo-dev Security 2021-02-17 01:01:09 UTC
ppc done
Comment 7 Sam James archtester gentoo-dev Security 2021-02-17 03:55:24 UTC
amd64 done
Comment 8 Sam James archtester gentoo-dev Security 2021-02-17 03:56:19 UTC
arm64 done
Comment 9 Sam James archtester gentoo-dev Security 2021-02-17 20:53:26 UTC
x86 done

all arches done
Comment 10 John Helmert III gentoo-dev Security 2021-02-17 21:00:34 UTC
Please cleanup
Comment 11 Thomas Deutschmann gentoo-dev Security 2021-05-25 22:43:49 UTC
New GLSA request filed.
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 08:05:50 UTC
This issue was resolved and addressed in
 GLSA 202105-03 at https://security.gentoo.org/glsa/202105-03
by GLSA coordinator Thomas Deutschmann (whissi).