CVE-2021-31872

Name of the Vulnerable Software and Affected Versions klibc versions prior to 2.0.9

Description An issue in the cpio command on 32-bit systems may result in a buffer overflow or other security impact due to multiple possible integer overflows. This could allow a remote attacker to access confidential data, compromise data integrity, and cause a denial of service.

Recommendations For versions prior to 2.0.9, update to version 2.0.9 or later to resolve the issue. As a temporary workaround, consider restricting the use of the cpio command on 32-bit systems until a patch is applied.