USN-189-1: cpio vulnerabilities

29 September 2005

cpio vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

Imran Ghory found a race condition in the handling of output files. While a file was unpacked with cpio, a local attacker with write permissions to the target directory could exploit this to change the permissions of arbitrary files of the cpio user. (CAN-2005-1111)

Imran Ghory discovered a path traversal vulnerability. Even when the –no-absolute-filenames option was specified, cpio did not filter out “..” path components. By tricking an user into unpacking a malicious cpio archive, this could be exploited to install files in arbitrary paths with the privileges of the user calling cpio. (CAN-2005-1229)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
cpio
Ubuntu 4.10
cpio

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References