Arch Linux alert ASA-202101-34 (gptfdisk)

From:
               Morten Linderud via arch-security <arch-security@lists.archlinux.org>
To:
               arch-security@archlinux.org
Subject:
               [ASA-202101-34] gptfdisk: arbitrary code execution
Date:
               Thu, 28 Jan 2021 23:00:19 +0100
Message-ID:
               <20210128220019.dyfusaq4fgv6ybka@anathema>
Cc:
               Morten Linderud <foxboron@archlinux.org>
Arch Linux Security Advisory ASA-202101-34
==========================================

Severity: Medium
Date    : 2021-01-20
CVE-ID  : CVE-2021-0308
Package : gptfdisk
Type    : arbitrary code execution
Remote  : No
Link    : https://security.archlinux.org/AVG-1435

Summary
=======

The package gptfdisk before version 1.0.6-1 is vulnerable to arbitrary
code execution.

Resolution
==========

Upgrade to 1.0.6-1.

# pacman -Syu "gptfdisk>=1.0.6-1"

The problem has been fixed upstream in version 1.0.6.

Workaround
==========

None.

Description
===========

A security issue was found in GPT fdisk before version 1.0.6. In
ReadLogicalParts of basicmbr.cc, there is a possible out of bounds
write due to a missing bounds check.

Impact
======

A badly formatted MBR disk could execute arbitrary code.

References
==========

https://source.android.com/security/bulletin/2021-01-01#s...
https://android.googlesource.com/platform/external/gptfdi...
https://sourceforge.net/p/gptfdisk/code/ci/f523bbc0c2437f...
https://security.archlinux.org/CVE-2021-0308

From:		Morten Linderud via arch-security <arch-security@lists.archlinux.org>
To:		arch-security@archlinux.org
Subject:		[ASA-202101-34] gptfdisk: arbitrary code execution
Date:		Thu, 28 Jan 2021 23:00:19 +0100
Message-ID:		<20210128220019.dyfusaq4fgv6ybka@anathema>
Cc:		Morten Linderud <foxboron@archlinux.org>