GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Tue Nov 22, 2016 5:26 pm Post subject: [ GLSA 201611-20 ] TestDisk |
|
|
Gentoo Linux Security Advisory
Title: TestDisk: User-assisted execution of arbitrary code (GLSA 201611-20)
Severity: normal
Exploitable: local, remote
Date: November 22, 2016
Bug(s): #548258
ID: 201611-20
Synopsis
A buffer overflow in TestDisk might allow remote attackers to
execute arbitrary code.
Background
TestDisk is powerful free data recovery software! It was primarily
designed to help recover lost partitions and/or make non-booting disks
bootable again when these symptoms are caused by faulty software: certain
types of viruses or human error (such as accidentally deleting a
Partition Table). Partition table recovery using TestDisk is really easy.
Affected Packages
Package: app-admin/testdisk
Vulnerable: < 7.0-r2
Unaffected: >= 7.0-r2
Architectures: All supported architectures
Description
A buffer overflow can be triggered within TestDisk when a malicious disk
image is attempting to be recovered.
Impact
A remote attacker could coerce the victim to run TestDisk against their
malicious image. This may be leveraged by an attacker to crash TestDisk
and gain control of program execution.
Workaround
There is no known workaround at this time.
Resolution
All TestDisk users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/testdisk-7.0-r2"
|
References
TestDisk check_OS2MB Stack Buffer overflow
|
|