Wind River Support Network

HomeDefectsLINCD-8172
Fixed

LINCD-8172 : Security Advisory - unzip - CVE-2022-0529

Created: Feb 9, 2022    Updated: Jul 20, 2022
Resolved Date: Jul 5, 2022
Found In Version: 10.20.6.0
Fix Version: 10.22.29.0
Severity: Standard
Applicable for: Wind River Linux CD
Component/s: Userspace

Description

A flaw was found in unzip 6.0. The vulnerability occurs during the conversion of wide string to local string that leads to a heap of out-of-bound writes. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

https://nvd.nist.gov/vuln/detail/CVE-2022-0529

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube