Description
An issue was discovered in klibc before 2.0.9. An integer overflow in the
cpio command may result in a NULL pointer dereference on 64-bit systems.
Notes
| mdeslaur | only used in initramfs, doesn't parse untrusted data |
Package
| Upstream: | released
(2.0.8-6)
|
| Ubuntu 18.04 LTS: | released
(2.0.4-9ubuntu2.1)
|
| Ubuntu 20.04 LTS: | released
(2.0.7-1ubuntu5.1)
|
| Ubuntu 21.10: | not-affected
(2.0.8-6.1ubuntu2)
|
| Ubuntu 16.04 ESM: | released
(2.0.4-8ubuntu1.16.04.4+esm1)
|
| Ubuntu 22.04 LTS: | not-affected
(2.0.8-6.1ubuntu2)
|
| Ubuntu 14.04 ESM: | released
(2.0.3-0ubuntu1.14.04.3+esm2)
|
Patches:
Updated: 2022-04-25 00:55:20 UTC (commit ecc1009cb19540b950de59270950018900f37f15)