=======================================================================
title : Partclone Restore Heap Overflow
product : Partclone
version : 0.2.87
homepage : http://partclone.org/
found : 2016-01-17
by : David Gnedt
=======================================================================
Vendor description:
-------------------
Partclone is a partition imaging tool. Partclone is shipped by various
Linux distributions and used by specialized disk cloning systems like
DRBL (http://drbl.org/), Clonezilla (http://clonezilla.org/),
Redo Backup (http://redobackup.org/), ...
Vulnerability overview/description:
-----------------------------------
partclone.restore is prone to a heap-based buffer overflow
vulnerability due to insufficient validation of the partclone image
header. An attacker may be able to execute arbitrary code in the
context of the user running the affected application.
<details stripped until public fix is available>
Proof of concept:
-----------------
<details stripped until public fix is available>
Vulnerable/tested versions:
---------------------------
The vulnerability is verified to exist in 0.2.87 of Partclone, which is
the most recent version at the time of discovery.
Older versions are probably affected as well.
It looks like the commit 6a16978 does not fully solve the problem. I only quickly tested versions 0.2.88 and 0.2.89. I will look into it more thoroughly in the next days.
lxp changed the title from "Restore Heap Overflow" to "CVE-2016-10721: Restore Heap Overflow" on May 2, 2018