MDKSA-2005:116

Package name

cpio

Date

2005-07-11

Advisory ID

MDKSA-2005:116

Affected versions

MNF2.0 i586 , 10.2 x86_64 , CS2.1 x86_64 , 10.0 amd64 , 10.2 i586 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problem description

A race condition has been found in cpio 2.6 and earlier which allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. (CAN-2005-1111) A vulnerability has been discovered in cpio that allows a malicious cpio file to extract to an arbitrary directory of the attackers choice. Cpio will extract to the path specified in the cpio file, this path can be absolute. (CAN-2005-1229) The updated packages have been patched to address both of these issues.

Updated packages

MNF2.0 i586

 25c062c9ad406ac7f68f9339d4c5694a  mnf/2.0/RPMS/cpio-2.5-4.2.M20mdk.i586.rpm
06317e96fc89042c8869f1d2a5030705  mnf/2.0/SRPMS/cpio-2.5-4.2.M20mdk.src.rpm

10.2 x86_64

 4d5b31e9bdd5d1c81fc61ec3a863f7ff  x86_64/10.2/RPMS/cpio-2.6-3.1.102mdk.x86_64.rpm
131667db822df5a4cec71e24cdc51b69  x86_64/10.2/SRPMS/cpio-2.6-3.1.102mdk.src.rpm

CS2.1 x86_64

 826500d3531ce8aff99afaf97eb8a8a7  x86_64/corporate/2.1/RPMS/cpio-2.5-4.2.C21mdk.x86_64.rpm
950d0f7e96d109e965fb9d6d8f500813  x86_64/corporate/2.1/SRPMS/cpio-2.5-4.2.C21mdk.src.rpm

10.0 amd64

 4a1947f3c7fc27f0b6cc0d9bdf97cfd8  amd64/10.0/RPMS/cpio-2.5-4.2.100mdk.amd64.rpm
407b3cef16e5d7153c3af0a685df7109  amd64/10.0/SRPMS/cpio-2.5-4.2.100mdk.src.rpm

10.2 i586

 9db16a5fa7bfc85aa7bb2d199ab5d825  10.2/RPMS/cpio-2.6-3.1.102mdk.i586.rpm
131667db822df5a4cec71e24cdc51b69  10.2/SRPMS/cpio-2.6-3.1.102mdk.src.rpm

10.1 i586

 c808f5a1689a006e9049e1d8a37ede70  10.1/RPMS/cpio-2.5-4.3.101mdk.i586.rpm
907e5f404afe7cdd649f8aeaa8444914  10.1/SRPMS/cpio-2.5-4.3.101mdk.src.rpm

10.0 i586

 5e09657806ea7779182c7e5a49c22be8  10.0/RPMS/cpio-2.5-4.2.100mdk.i586.rpm
407b3cef16e5d7153c3af0a685df7109  10.0/SRPMS/cpio-2.5-4.2.100mdk.src.rpm

CS3.0 x86_64

 94803dd8ac6d1a1fc5436c04f097b4a1  x86_64/corporate/3.0/RPMS/cpio-2.5-4.2.C30mdk.x86_64.rpm
a7beddf04ef0e065dad9af2387393c22  x86_64/corporate/3.0/SRPMS/cpio-2.5-4.2.C30mdk.src.rpm

CS3.0 i586

 44667c0001e9da72f56c109f9f451c22  corporate/3.0/RPMS/cpio-2.5-4.2.C30mdk.i586.rpm
a7beddf04ef0e065dad9af2387393c22  corporate/3.0/SRPMS/cpio-2.5-4.2.C30mdk.src.rpm

CS2.1 i586

 fe2a5bdd208f9ce6fcf87b90a87dbbdf  corporate/2.1/RPMS/cpio-2.5-4.2.C21mdk.i586.rpm
950d0f7e96d109e965fb9d6d8f500813  corporate/2.1/SRPMS/cpio-2.5-4.2.C21mdk.src.rpm

10.1 x86_64

 71ab78c534f9552ad081c625e92afb45  x86_64/10.1/RPMS/cpio-2.5-4.3.101mdk.x86_64.rpm
907e5f404afe7cdd649f8aeaa8444914  x86_64/10.1/SRPMS/cpio-2.5-4.3.101mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111