安全公告/【CVE-2020-0256】

基本信息

漏洞描述

In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-152874864

漏洞判定

执行命令yum info PackageName获取软件包版本号，版本小于修复版本，则受此漏洞影响，版本大于等于修复版本，则此漏洞已修复

修复方式

yum update PackageName

参考

https://access.redhat.com/security/cve/CVE-2020-0256 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0256 https://nvd.nist.gov/vuln/detail/CVE-2020-0256