Wind River Support Network

HomeDefectsLINCD-8173
Fixed

LINCD-8173 : Security Advisory - unzip - CVE-2022-0530

Created: Feb 9, 2022    Updated: Jul 20, 2022
Resolved Date: Jul 5, 2022
Found In Version: 10.20.6.0
Fix Version: 10.22.29.0
Severity: Standard
Applicable for: Wind River Linux CD
Component/s: Userspace

Description

A flaw was found in unzip 6.0. The vulnerability occurs during the conversion of an utf-8 string to a local string that leads to a segmentation fault. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

https://nvd.nist.gov/vuln/detail/CVE-2022-0530

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube