The cpiosafername_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.11+dfsg-1ubuntu1.2", "binary_name": "cpio" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.11+dfsg-5ubuntu1", "binary_name": "cpio" } ] }