|Bugzilla:||229191: CVE-2005-4268 cpio large filesize buffer overflow|
The MITRE CVE dictionary describes this issue as:
Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.
This issue was addressed in Red Hat Enterprise Linux 4 via https://rhn.redhat.com/errata/RHSA-2007-0245.html and in Red Hat Enterprise Linux 3 via https://rhn.redhat.com/errata/RHSA-2010-0145.html.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Red Hat security errata
|Red Hat Enterprise Linux version 3 (cpio)||RHSA-2010:0145||March 16, 2010|
|Red Hat Enterprise Linux version 4 (cpio)||RHSA-2007:0245||May 01, 2007|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.