Your submission was sent successfully! Close

CVE-2014-8118

Published: 16 December 2014

Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.

Priority

Medium

Status

Package Release Status
rpm
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (4.9.1.1-1ubuntu0.3)
trusty
Released (4.11.1-3ubuntu0.1)
upstream
Released (4.11.3-1.1)
utopic
Released (4.11.2-3ubuntu0.1)