From: Maverick Chung
Subject: Re: cpio RCE Exploit Caused by Integer Overflow
Date: Fri, 6 Aug 2021 20:29:14 +0000
Sorry for the quick follow-up - I just wanted to make a note of a typo in our previous email. This is not an RCE bug, it is an ACE bug.
From: Maverick Chung
Sent: Friday, August 6, 2021 4:15 PM
To: bug-cpio@gnu.org <bug-cpio@gnu.org>
Cc: Qiaoyi Fang <qiaoyi.fang@duke.edu>
Subject: cpio RCE Exploit Caused by Integer Overflow
Hello,
Qiaoyi Fang (cc'ed) and I are both CS students at Duke, and we've discovered an RCE exploit in cpio, caused by an integer overflow in ds_fgetstr. We've created the exploit on cpio 2.13, on the version in the current kali-rolling. We've attached a bug report containing all the details, as well as the files necessary to reproduce the exploit. Additionally, we've recorded the exploit here: https://youtu.be/F0yKJhu7Vak.
Please let us know if you have any questions. Thank you!
Sincerely,
Maverick Chung and Qiaoyi Fang