CVE-2016-2037
CVE-2016-2037
| Published Date | 2025-05-01 |
|---|---|
| Product | centos |
| Severity | Medium (6.5) |
| Component | cpio |
| Affected Versions | CentOS 7 |
| Patched Versions | cpio-2.11-28_ol001.el7 |
CVE Details
NVD Listing: NVD - CVE-2016-2037
- Backported patch to fix CVE-2016-2037
The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.