Wind River Support Network

HomeDefectsLIN1021-2772
Fixed

LIN1021-2772 : Security Advisory - unzip - CVE-2022-0529

Created: Feb 9, 2022    Updated: Oct 26, 2022
Resolved Date: Oct 17, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.14
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

A flaw was found in unzip 6.0. The vulnerability occurs during the conversion of wide string to local string that leads to a heap of out-of-bound writes. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

https://nvd.nist.gov/vuln/detail/CVE-2022-0529

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube