Your submission was sent successfully! Close

CVE-2016-2037

Published: 22 January 2016

The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
cpio
Launchpad, Ubuntu, Debian
precise
Released (2.11-7ubuntu3.2)
trusty
Released (2.11+dfsg-1ubuntu1.2)
upstream Needed

vivid Ignored
(reached end-of-life)
wily
Released (2.11+dfsg-4.1ubuntu1.1)
xenial
Released (2.11+dfsg-5ubuntu1)
yakkety
Released (2.11+dfsg-5ubuntu1)
zesty
Released (2.11+dfsg-5ubuntu1)