[arch-security] [ASA-201501-5] cpio: heap buffer overflow

Levente Polyak anthraxx at archlinux.org
Wed Jan 14 16:26:49 UTC 2015


Arch Linux Security Advisory ASA-201501-5
=========================================

Severity: Medium
Date    : 2015-01-14
CVE-ID  : CVE-2014-9112
Package : cpio
Type    : heap buffer overflow
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package cpio before version 2.11-5 is vulnerable to a heap buffer
overflow.

Resolution
==========

Upgrade to 2.11-5.

# pacman -Syu "cpio>=2.11-5"

The problem has been fixed upstream but no release is available yet.

Workaround
==========

None.

Description
===========

A heap-based buffer overflow flaw was reported in cpio's list_file()
function. Attempting to extract a malicious cpio archive could cause
cpio to crash or, potentially, execute arbitrary code.
As noted in the original report, this issue could be triggered via other
utilities, such as when running "less".

Impact
======

An attacker is able to craft a malicious cpio archive which could cause
cpio to crash or, potentially, execute arbitrary code. This issue could
also be triggered via other utilities, such as when running "less".

References
==========

http://seclists.org/oss-sec/2014/q4/818
https://savannah.gnu.org/bugs/?43709
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9112
