drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in gdisk
Name: |
Zwei Probleme in gdisk |
|
ID: |
USN-5262-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 ESM |
|
Datum: |
Fr, 4. Februar 2022, 07:27 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0256
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0308 |
|
Applikationen: |
gdisk |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============2415097826449099121== Content-Language: en-US Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------Wk0Pnc3YIddoUORJNZkmUyAC"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------Wk0Pnc3YIddoUORJNZkmUyAC Content-Type: multipart/mixed; boundary="------------dRJwCB0uQb6E2yOSFJL26pA1"; protected-headers="v1" From: Ian Constantin <ian.constantin@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <4937220d-d9ed-37f6-82e7-ca5ab80f078b@canonical.com> Subject: [USN-5262-1] GPT fdisk vulnerabilities
--------------dRJwCB0uQb6E2yOSFJL26pA1 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-5262-1 February 03, 2022
gdisk vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
The sgdisk utility of GPT fdisk could be made to crash or possibly allow for elevated privileges.
Software Description: - gdisk: GPT fdisk text-mode partitioning tool
Details:
The potential for an out of bounds write due to a missing bounds check was discovered to impact the sgdisk utility of GPT fdisk. Exploitation requires the use of a maliciously formatted storage device and could cause sgdisk to crash as well as possibly allow for local privilege escalation.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: gdisk 1.0.1-1ubuntu0.1~esm2
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5262-1 CVE-2020-0256, CVE-2021-0308
|
|
|
|