Your submission was sent successfully! Close

USN-189-1: cpio vulnerabilities

29 September 2005

cpio vulnerabilities



Imran Ghory found a race condition in the handling of output files.
While a file was unpacked with cpio, a local attacker with write
permissions to the target directory could exploit this to change the
permissions of arbitrary files of the cpio user. (CAN-2005-1111)

Imran Ghory discovered a path traversal vulnerability. Even when the
--no-absolute-filenames option was specified, cpio did not filter out
".." path components. By tricking an user into unpacking a malicious
cpio archive, this could be exploited to install files in arbitrary
paths with the privileges of the user calling cpio. (CAN-2005-1229)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
  • cpio -
Ubuntu 4.10
  • cpio -

In general, a standard system update will make all the necessary changes.