CVE-2010-0624
Published: 15 March 2010
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
Notes
Author | Note |
---|---|
sbeattie | both tar and cpio get their rmt client from paxutils |
Priority
Status
Package | Release | Status |
---|---|---|
cpio Launchpad, Ubuntu, Debian |
upstream |
Needed
|
dapper |
Ignored
(end of life)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Released
(2.10-1ubuntu2.1)
|
|
maverick |
Not vulnerable
(2.11-4ubuntu1)
|
|
natty |
Not vulnerable
(2.11-4ubuntu1)
|
|
oneiric |
Not vulnerable
(2.11-4ubuntu1)
|
|
precise |
Not vulnerable
(2.11-4ubuntu1)
|
|
quantal |
Not vulnerable
(2.11-4ubuntu1)
|
|
raring |
Not vulnerable
(2.11-4ubuntu1)
|
|
saucy |
Not vulnerable
(2.11-4ubuntu1)
|
|
trusty |
Not vulnerable
(2.11-4ubuntu1)
|
|
utopic |
Not vulnerable
(2.11-4ubuntu1)
|
|
vivid |
Not vulnerable
(2.11-4ubuntu1)
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2010-0143.html upstream: http://git.savannah.gnu.org/cgit/paxutils.git/diff/lib/rtapelib.c?id=9bc39283e4cc6ab9e5913ccbf766998eab4ff093 |
||
tar Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Not vulnerable
(1.23-3)
|
|
oneiric |
Not vulnerable
(1.23-3)
|
|
precise |
Not vulnerable
(1.23-3)
|
|
quantal |
Not vulnerable
(1.23-3)
|
|
raring |
Not vulnerable
(1.23-3)
|
|
saucy |
Not vulnerable
(1.23-3)
|
|
trusty |
Not vulnerable
(1.23-3)
|
|
upstream |
Needed
|
|
utopic |
Not vulnerable
(1.23-3)
|
|
vivid |
Not vulnerable
(1.23-3)
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2010-0142.html upstream: http://git.savannah.gnu.org/cgit/paxutils.git/diff/lib/rtapelib.c?id=9bc39283e4cc6ab9e5913ccbf766998eab4ff093 |