CVE Database


Impact: Low
Public: 2005-11-07
Bugzilla: 229191: CVE-2005-4268 cpio large filesize buffer overflow


The MITRE CVE dictionary describes this issue as:

Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.

Find out more about CVE-2005-4268 from the MITRE CVE dictionary and NIST NVD.


This issue was addressed in Red Hat Enterprise Linux 4 via RHSA-2007:0245 and in Red Hat Enterprise Linux 3 via RHSA-2010:0145.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat security errata

Platform                                    Errata          Release Date
Red Hat Enterprise Linux version 3 (cpio)   RHSA-2010:0145  March 16, 2010
Red Hat Enterprise Linux version 4 (cpio)   RHSA-2007:0245  May 01, 2007

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.