CVE-2010-0624

Publication date 15 March 2010

Last updated 24 July 2024

Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
cpio	15.04 vivid	Not affected
	14.10 utopic	Not affected
	14.04 LTS trusty	Not affected
	13.10 saucy	Not affected
	13.04 raring	Not affected
	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	11.10 oneiric	Not affected
	11.04 natty	Not affected
	10.10 maverick	Not affected
	10.04 LTS lucid	Fixed 2.10-1ubuntu2.1
	9.10 karmic	Ignored
	9.04 jaunty	Ignored
	8.10 intrepid	Ignored
	8.04 LTS hardy	Ignored
	6.06 LTS dapper	Ignored
tar	15.04 vivid	Not affected
	14.10 utopic	Not affected
	14.04 LTS trusty	Not affected
	13.10 saucy	Not affected
	13.04 raring	Not affected
	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	11.10 oneiric	Not affected
	11.04 natty	Not affected
	10.10 maverick	Ignored
	10.04 LTS lucid	Ignored
	9.10 karmic	Ignored
	9.04 jaunty	Ignored
	8.10 intrepid	Ignored
	8.04 LTS hardy	Ignored
	6.06 LTS dapper	Ignored

Notes

sbeattie

both tar and cpio get their rmt client from paxutils

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
cpio	Vendor: https://rhn.redhat.com/errata/RHSA-2010-0143.html Upstream: http://git.savannah.gnu.org/cgit/paxutils.git/diff/lib/rtapelib.c?id=9bc39283e4cc6ab9e5913ccbf766998eab4ff093
tar	Vendor: https://rhn.redhat.com/errata/RHSA-2010-0142.html Upstream: http://git.savannah.gnu.org/cgit/paxutils.git/diff/lib/rtapelib.c?id=9bc39283e4cc6ab9e5913ccbf766998eab4ff093

References

Related Ubuntu Security Notices (USN)