Richard Harms

**Name of the Vulnerable Software and Affected Versions** cpio version 2.6-8.FC4 **Description** A buffer overflow issue exists when creating a cpio archive on 64-bit platforms, allowing local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. **Recommendations** For cpio version 2.6-8.FC4, consider updating to a newer version that addresses this issue, as using files with sizes represented by more than 8 digits may trigger the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.