{"id":"ASB-A-158063095","details":"In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-158063095","CVE-2021-0308"],"modified":"2026-04-03T15:37:31.002635Z","published":"2021-01-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-01-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5"}],"affected":[{"package":{"name":"platform/external/gptfdisk","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.0:0"},{"fixed":"8.0:2021-01-01"}]}],"versions":["8.0"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"deprecated":false,"signature_type":"Function","digest":{"function_hash":"258593186599205374699246691488898125943","length":2133},"target":{"function":"BasicMBRData::ReadLogicalParts","file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-11339f55","signature_version":"v1"},{"deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["205706127123916698108562926314364217798","287717961984034329341468240971041014386","77849535185068701593291272537290259547","304657516902678543681832869878364972184"]},"target":{"file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-8a285ff6","signature_version":"v1"}],"types":["EoP"],"fixes":["https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5"],"spl":"2021-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158063095.json"}},{"package":{"name":"platform/external/gptfdisk","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.1:0"},{"fixed":"8.1:2021-01-01"}]}],"versions":["8.1"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["205706127123916698108562926314364217798","287717961984034329341468240971041014386","77849535185068701593291272537290259547","304657516902678543681832869878364972184"]},"target":{"file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-6a78b920","signature_version":"v1"},{"deprecated":false,"signature_type":"Function","digest":{"function_hash":"258593186599205374699246691488898125943","length":2133},"target":{"function":"BasicMBRData::ReadLogicalParts","file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-d6174cd8","signature_version":"v1"}],"types":["EoP"],"fixes":["https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5"],"spl":"2021-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158063095.json"}},{"package":{"name":"platform/external/gptfdisk","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-01-01"}]}],"versions":["9"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["205706127123916698108562926314364217798","287717961984034329341468240971041014386","77849535185068701593291272537290259547","304657516902678543681832869878364972184"]},"target":{"file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-379014a0","signature_version":"v1"},{"deprecated":false,"signature_type":"Function","digest":{"function_hash":"258593186599205374699246691488898125943","length":2133},"target":{"function":"BasicMBRData::ReadLogicalParts","file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-7cee4170","signature_version":"v1"}],"types":["EoP"],"fixes":["https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5"],"spl":"2021-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158063095.json"}},{"package":{"name":"platform/external/gptfdisk","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-01-01"}]}],"versions":["10"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["205706127123916698108562926314364217798","287717961984034329341468240971041014386","77849535185068701593291272537290259547","304657516902678543681832869878364972184"]},"target":{"file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-26cfa8e9","signature_version":"v1"},{"deprecated":false,"signature_type":"Function","digest":{"function_hash":"258593186599205374699246691488898125943","length":2133},"target":{"function":"BasicMBRData::ReadLogicalParts","file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-3f466518","signature_version":"v1"}],"types":["EoP"],"fixes":["https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5"],"spl":"2021-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158063095.json"}},{"package":{"name":"platform/external/gptfdisk","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-01-01"}]}],"versions":["11"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["205706127123916698108562926314364217798","287717961984034329341468240971041014386","77849535185068701593291272537290259547","304657516902678543681832869878364972184"]},"target":{"file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-2f90ec23","signature_version":"v1"},{"deprecated":false,"signature_type":"Function","digest":{"function_hash":"258593186599205374699246691488898125943","length":2133},"target":{"function":"BasicMBRData::ReadLogicalParts","file":"basicmbr.cc"},"source":"https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5","id":"ASB-A-158063095-4aaf3c0a","signature_version":"v1"}],"types":["EoP"],"fixes":["https://android.googlesource.com/platform/external/gptfdisk/+/6d369451868ce71618144c4f4bd645ae48f0d1c5"],"spl":"2021-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158063095.json"}}],"schema_version":"1.7.5"}