CVE-2021-38185

Name
CVE-2021-38185
Description
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/fangqyi/cpiopwn
MISC https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg00002.html
MISC https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg00000.html
MISC https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dd96882877721703e19272fe25034560b794061b
cve@mitre.org https://lists.debian.org/debian-lts-announce/2023/06/msg00007.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnu:cpio:*:*:*:*:*:*:*:* cpio >= None <= 2.13

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
cpio edge-community 2.13-r4 Stuart Cardall <developer@it-offshore.co.uk> fixed
cpio edge-community 2.13-r3 Stuart Cardall <developer@it-offshore.co.uk> fixed
cpio edge-community 2.13-r2 Stuart Cardall <developer@it-offshore.co.uk> fixed
cpio edge-community 2.13-r0 None possibly vulnerable
cpio edge-community 2.12-r3 None possibly vulnerable
cpio 3.22-community 2.13-r2 None fixed
cpio 3.22-community 2.13-r0 None possibly vulnerable
cpio 3.22-community 2.12-r3 None possibly vulnerable
cpio 3.21-community 2.13-r2 None fixed
cpio 3.20-community 2.13-r2 None fixed
cpio 3.19-community 2.13-r2 None fixed
cpio 3.18-community 2.13-r2 None fixed
cpio 3.17-community 2.13-r3 Stuart Cardall <developer@it-offshore.co.uk> fixed
cpio 3.17-community 2.13-r2 None fixed