CVE-2014-9112

Currently unrated

Key Information:

Vendor: Gnu
Status: Cpio
Vendor: CVE Published:; 2 December 2014

Summary

Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.

References

http://secunia.com/advisories/62145

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/60167

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/98918

vdb-entryx_refsource_XF

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 2, 2014
Vulnerability Reserved
Nov 26, 2014