CVE-2021-38185

7.8HIGH

Key Information:

Vendor
Gnu
Status
Cpio
Vendor
CVE Published:
8 August 2021

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC

Summary

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

cpiopwn
Created by fangqyi

References

https://github.com/fangqyi/cpiopwn
https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg00...
https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg00...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

.