CVE-2014-9112

Published: 02/12/2014 Updated: 08/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote malicious users to cause a denial of service via a large block value in a cpio archive.

Vulnerable Product

gnu cpio 2.11

debian debian linux 7.0

Vendor Advisories

Synopsis: Moderate: cpio security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: Updated cpio packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vuln ...
Debian Bug report logs - #772793 cpio: CVE-2014-9112. Package: cpio; Maintainer for cpio is Anibal Monsalve Salazar <anibal@debian.org>; Source for cpio is src:cpio (PTS, buildd, popcon). Reported by: Moritz Muehlenhoff <jmm@inutil.org>. Date: Thu, 11 Dec 2014 06:21:01 UTC. Severity: grave. Tags: security. Found in versi ...
The GNU cpio program could be made to crash or run programs if it opened a specially crafted file or received specially crafted input ...
Michal Zalewski discovered an out of bounds write issue in cpio, a tool for creating and extracting cpio archive files. In the process of fixing that issue, the cpio developers found and fixed additional range checking and null pointer dereference issues. For the stable distribution (wheezy), this problem has been fixed in version 211+dfsg-01+deb ...