CVE-2019-14866

Current Description

All versions of cpio before 2.13 do not properly validate input files when generating tar archives. When cpio is used to create a tar archive from paths an attacker can write to, the resulting archive may contain entries with permissions the attacker did not have, or in paths the attacker did not have access to. Extracting such an archive as a high-privilege user without carefully reviewing it may lead to compromise of the system. cpio 2.13 is the first unaffected release.
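The description's practical advice is to review a tar archive before extracting it as a privileged user. The script below is an added example (it is not cpio's code and is not taken from the advisory) of such a pre-extraction review: it walks the archive's entries and flags the two properties the description names, permissions the archive's creator should not have been able to produce and paths outside the extraction root. The archive it inspects is constructed in memory for the demonstration; the `creator_uid` parameter is an assumption of this example, used to flag entries owned by someone other than the unprivileged user whose tree was archived.

```python
"""Pre-extraction audit of a tar archive (added example for CVE-2019-14866).

Not cpio code. Flags entries whose permissions or paths a cautious
administrator should not trust before extracting as root.
"""
import io
import posixpath
import stat
import tarfile

SPECIAL_BITS = stat.S_ISUID | stat.S_ISGID | stat.S_ISVTX


def _escapes(path):
    """True if a member path (or link target) leaves the extraction root."""
    if path.startswith("/"):
        return True
    return posixpath.normpath(path).split("/")[0] == ".."


def _link_target(member):
    """Resolve a symlink target relative to the member's own directory."""
    return posixpath.normpath(posixpath.join(posixpath.dirname(member.name),
                                             member.linkname))


def audit_tar(data, creator_uid=None):
    """Return [(member name, reason), ...] for the archive bytes `data`.

    creator_uid: if given, the uid of the unprivileged user whose files were
    archived (hypothetical parameter of this example); entries owned by any
    other uid are reported, since that user could not have created them.
    """
    findings = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
        for m in tf:
            if _escapes(m.name):
                findings.append((m.name, "path escapes extraction root"))
            if creator_uid is not None and m.uid != creator_uid:
                findings.append((m.name, "owner uid %d differs from creator uid %d"
                                 % (m.uid, creator_uid)))
            if m.mode & SPECIAL_BITS:
                findings.append((m.name, "setuid/setgid/sticky bit set"))
            if (m.isreg() or m.isdir()) and m.mode & stat.S_IWOTH:
                findings.append((m.name, "world-writable"))
            if m.issym() and _escapes(_link_target(m)):
                findings.append((m.name, "symlink target escapes extraction root"))
            if m.islnk() and _escapes(m.linkname):
                findings.append((m.name, "hardlink target escapes extraction root"))
            if m.isdev():
                findings.append((m.name, "device node"))
    return findings


def build_sample_archive():
    """Constructed test data: a user's home tree plus planted bad entries."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:") as tf:
        def add(name, mode, uid=1000, gid=1000, kind=tarfile.REGTYPE,
                link="", body=b""):
            ti = tarfile.TarInfo(name)
            ti.mode, ti.uid, ti.gid = mode, uid, gid
            ti.type, ti.linkname, ti.size = kind, link, len(body)
            tf.addfile(ti, io.BytesIO(body) if body else None)

        add("home/bob/notes.txt", 0o644, body=b"hello\n")
        add("home/bob/.ssh/authorized_keys", 0o600, body=b"ssh-ed25519 AAAA bob\n")
        # Entries an attacker would want a root extraction to create:
        add("../../etc/cron.d/backdoor", 0o644, uid=0, gid=0,
            body=b"* * * * * root /tmp/x\n")
        add("home/bob/bin/helper", 0o4755, uid=0, gid=0, body=b"#!/bin/sh\n")
        add("home/bob/link", 0o777, kind=tarfile.SYMTYPE, link="/etc/shadow")
        add("home/bob/tmpfile", 0o666)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_tar(build_sample_archive(), creator_uid=1000):
        print("%-28s %s" % (name, reason))
```

On a real system, read the archive bytes from disk and pass the uid of the user whose directory was archived as `creator_uid`; without it, ownership is not checked, which is appropriate when the archive was legitimately created by root. Any finding should be resolved by inspecting the source tree, not by extracting first.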

Basic Data

Published: January 07, 2020
Last Modified: January 10, 2020
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Integrity Impact: COMPLETE
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 6.9
Severity: MEDIUM
Exploitability Score: 3.4
Impact Score: 10.0
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE Version | Part        | Vendor | Product | Version | Version End Excluding
    2.3         | Application | Gnu    | Cpio    | *       | 2.13
    (Update, Edition, Language, SW Edition, Target SW, Target HW and Other are all "*"; no Version Start Including, Version End Including or Version Start Excluding bound is set.)
  • OR - Configuration 2
    CPE Version | Part | Vendor | Product          | Version
    2.3         | OS   | Redhat | Enterprise Linux | 7.0
    2.3         | OS   | Redhat | Enterprise Linux | 8.0
    (Update, Edition, Language, SW Edition, Target SW, Target HW and Other are all "*"; no version range bounds are set.)

Vulnerable Software List

Vendor | Product          | Versions
Redhat | Enterprise Linux | 7.0, 8.0
Gnu    | Cpio             | * (all versions before 2.13)

References

URL | Source | Tags
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866 | CONFIRM | Exploit, Issue Tracking, Mitigation, Patch, Third Party Advisory
https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html | MISC | Mailing List, Patch, Third Party Advisory
https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html | MISC | Exploit, Mailing List, Third Party Advisory