CVE-2014-9112
published 2014-12-02CVE-2014-9112: Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a…
medium5CVSS 3.1
AVNACLAuNCNINAP
Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | cpio | < cpio 2.11+dfsg-4 (bookworm) | cpio 2.11+dfsg-4 (bookworm) |
| debian | debian_linux | — | — |
| gnu | cpio | — | — |
| gnu | cpio | >= 0 < 2.11+dfsg-4 | 2.11+dfsg-4 |
| gnu | cpio | >= 0 < 2.11+dfsg-4 | 2.11+dfsg-4 |
| gnu | cpio | >= 0 < 2.11+dfsg-4 | 2.11+dfsg-4 |
| gnu | cpio | >= 0 < 2.11+dfsg-4 | 2.11+dfsg-4 |
| gnu | cpio | >= 0 < 2.11+dfsg-1ubuntu1.1 | 2.11+dfsg-1ubuntu1.1 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv6.8MEDIUM