CVE-2014-9112

EPSS 1.3%

cpio - security update

發布日:2014/12/2修改日:2026/4/28

也稱為:DEBIAN-CVE-2014-9112

描述

Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.

受影響套件(3)

Debian/cpiofrom 0, < 2.11+dfsg-4
Debian/cpiofrom 0, < 2.11-4+deb6u1
Debian/cpiofrom 0, < 2.11+dfsg-0.1+deb7u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-9112