PT-2021-4457 · GNU · GNU cpio

Maverick Chung · Published 2021-08-07 · Updated 2025-06-09 · CVE-2021-38185

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

GNU cpio versions 2.13 and earlier

Description

The issue is an integer overflow in the ds_fgetstr function in the dstring.c component of the GNU cpio package. The overflow triggers an out-of-bounds heap write, allowing attackers to execute arbitrary code via a crafted pattern file associated with the -E option. It is unclear whether there are common cases where the pattern file is untrusted data.

Recommendations

For GNU cpio versions 2.13 and earlier, consider disabling the use of the -E option with untrusted pattern files until a patch is available. As a temporary workaround, restrict the use of the ds_fgetstr function in the dstring.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2022:1991
ALT-PU-2023-5721
ALT-PU-2025-5537
ALT-PU-2025-5539
AZL-6357
BDU:2021-05090
CESA-2022_1991
CVE-2021-38185
DLA-3445-1
MGASA-2021-0423
OESA-2021-1325
OPENSUSE-SU-2021_2689-1
OPENSUSE-SU-2024:10697-1
RHSA-2022:1991
RHSA-2022_1991
RLSA-2022:1991
SUSE-RU-2021:2779-1
SUSE-RU-2021:2780-1
SUSE-SU-2021:14777-1
SUSE-SU-2021:14788-1
SUSE-SU-2021:2686-1
SUSE-SU-2021:2689-1
SUSE-SU-2021:2808-1
SUSE-SU-2021_14777-1
SUSE-SU-2021_14788-1
SUSE-SU-2021_2686-1
SUSE-SU-2021_2689-1
SUSE-SU-2021_2808-1
USN-5064-1
USN-5064-2
USN-5064-3

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
GNU cpio
Linux Mint
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu