Heap-based Buffer Overflow in GNU Cpio Affects Remote Operations
CVE-2014-9112
Currently unrated
Summary
A heap-based buffer overflow in GNU Cpio version 2.11 arises from improper handling of a large block value in the process_copy_in function. A remote attacker can supply a crafted cpio archive to trigger the overflow, potentially causing a denial of service. Systems that process cpio archives are at significant risk: a malicious archive can disrupt service and compromise the integrity of operations that rely on GNU Cpio.
Timeline
Vulnerability published
Vulnerability Reserved