[Debian] High CVE: CVE-2021-38185 cpio: integer overflow that triggers an out-of-bounds heap write

Bug #2038793 reported by Yue Tao
Affects: StarlingX | Status: Fix Released | Importance: High | Assigned to: hqbai | Milestone: (none)

Bug Description

CVE-2021-38185: https://nvd.nist.gov/vuln/detail/CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
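The CVE text above describes an integer overflow in a line-reading routine that grows a heap buffer. As an added example (not cpio's dstring.c, not the Debian patch), here is a constructed reader of the same shape that keeps its size arithmetic in size_t, bounds growth by an assumed hard cap, and refuses oversized input rather than wrapping and then writing past the allocation. The dstring type, DS_MAX_LEN, ds_grow and ds_fgetstr_checked are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed illustration of a growable line buffer; not cpio's dstring.c. */
typedef struct {
    char *string;
    size_t length; /* allocated bytes; size_t rather than int, so it cannot wrap negative */
} dstring;

#define DS_MAX_LEN ((size_t)1 << 20) /* assumed hard cap on one line (1 MiB) */

/* Ensure at least `needed` bytes are allocated; 1 on success, 0 on refusal or OOM. */
static int ds_grow(dstring *s, size_t needed) {
    if (needed <= s->length) return 1;
    if (needed > DS_MAX_LEN) return 0; /* refuse instead of letting the size wrap */
    size_t newlen = s->length ? s->length : 16;
    while (newlen < needed) {
        if (newlen > DS_MAX_LEN / 2) { newlen = DS_MAX_LEN; break; } /* doubling cannot overflow */
        newlen *= 2;
    }
    char *p = realloc(s->string, newlen);
    if (!p) return 0;
    s->string = p;
    s->length = newlen;
    return 1;
}

/* Read one record terminated by `eos` (e.g. '\n') into s.
   Returns the record length, or -1 on EOF with no data or when ds_grow refused;
   on -1 the caller must abort rather than use s->string. */
static long ds_fgetstr_checked(FILE *f, dstring *s, int eos) {
    size_t n = 0;
    int c;
    while ((c = getc(f)) != EOF) {
        if (!ds_grow(s, n + 2)) return -1; /* room for this byte plus the terminator */
        if (c == eos) break;
        s->string[n++] = (char)c;
    }
    if (n == 0 && c == EOF) return -1;
    s->string[n] = '\0';
    return (long)n;
}
```

The check that matters is the cap test before any arithmetic on the size: once the requested size is bounded, neither the doubling nor the `n + 2` can overflow, so the index used for the write can never exceed what was allocated.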

Base Score: High

Reference:

cpio_2.13+dfsg-4_amd64.deb -> cpio_2.13+dfsg-7.1~deb11u1_amd64.deb

OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/899014

Changed in starlingx:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/899014
Committed: https://opendev.org/starlingx/tools/commit/088800706609b76c3da0b4919260106f960e4d63
Submitter: "Zuul (22348)"
Branch: master

commit 088800706609b76c3da0b4919260106f960e4d63
Author: Haiqing Bai <email address hidden>
Date: Mon Oct 23 11:22:40 2023 +0800

    Debian: cpio: fix CVE-2021-38185

    Upgraded cpio to cpio_2.13+dfsg-7.1~deb11u1_amd64.deb

    Refer to:
    https://security-tracker.debian.org/tracker/CVE-2021-38185

    Test Plan:
    Pass: downloader
    Pass: build-pkgs --clean --all
    Pass: build-image
    Pass: boot

    Closes-bug: #2038793
    Change-Id: Id4e3339627c1b5cfe06a0482036ec953f6a1b265
    Signed-off-by: Haiqing Bai <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Ghada Khalil (gkhalil)
Changed in starlingx:
assignee: nobody → hqbai (hbai)