ELA-360-1 gdisk security update
ELA-360-1 gdisk security update
Package gdisk
Version 0.8.10-2+deb8u1
Related CVEs CVE-2020-0256 CVE-2021-0308
CVE-2020-0256
In LoadPartitionTable of gpt.cc, there is a possible
out of bounds write due to a missing bounds check. This
could lead to local escalation of privilege with no
additional execution privileges needed.
CVE-2021-0308
In ReadLogicalParts of basicmbr.cc, there is a possible
out of bounds write due to a missing bounds check. This
could lead to local escalation of privilege with no
additional execution privileges needed.
For Debian 8 jessie, these problems have been fixed in version 0.8.10-2+deb8u1.
We recommend that you upgrade your gdisk packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
A gdisk security update has been released for Debian GNU/Linux 8 Extended LTS to address two security issues.
