安全公告/【CVE-2021-0308】

基本信息

漏洞名称:
受影响操作系统:Asianux
危险等级:中危
影响源码包:gdisk
CVSS评分:6.8
发现日期:2022-11-22
修复日期:
修复版本:gdisk-1.0.3-11

漏洞描述

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.

漏洞判定

执行命令yum info PackageName获取软件包版本号,版本小于修复版本,则受此漏洞影响,版本大于等于修复版本,则此漏洞已修复

修复方式

yum update PackageName

补丁

参考

https://access.redhat.com/security/cve/CVE-2021-0308 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0308 https://nvd.nist.gov/vuln/detail/CVE-2021-0308