Описание
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.9.1.3-2 |
| hardy | ignored | end of life |
| lucid | released | 4.7.2-1lubuntu0.1 |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | released | 4.9.0-7ubuntu0.1 |
| precise | released | 4.9.1.1-1ubuntu0.1 |
| quantal | not-affected | 4.9.1.3-2 |
| upstream | released | 4.9.1.2 |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attack ...
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.
EPSS
9.3 Critical
CVSS2