GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
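The bug class named above is a dynamic-string reader whose capacity arithmetic can wrap, so the buffer ends up smaller than the code believes and the byte-copy loop writes past the heap block. The following added example (not cpio's code; the `dynamic_string` struct, `ds_grow`, `ds_fgetstr` and `longest_pattern` names, and the growth policy are assumptions chosen to mirror the report) shows the hardened form: the doubling step is checked before it is performed, growth failure is reported instead of ignored, and the reader refuses to write past the capacity it actually has. The input is a constructed in-memory pattern file opened with `fmemopen`.

```c
/* Added illustration of an overflow-checked dynamic-string line reader in the
 * spirit of dstring.c ds_fgetstr. Not cpio's code: names and policy are
 * assumptions made for this example. */
#define _POSIX_C_SOURCE 200809L   /* for fmemopen */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

typedef struct {
    size_t ds_length;   /* allocated capacity; unsigned so it cannot go negative */
    char  *ds_string;   /* NUL-terminated contents */
} dynamic_string;

void ds_init(dynamic_string *s) {
    s->ds_length = 16;
    s->ds_string = malloc(s->ds_length);
    if (!s->ds_string) { perror("malloc"); exit(1); }
    s->ds_string[0] = '\0';
}

void ds_free(dynamic_string *s) {
    free(s->ds_string);
    s->ds_string = NULL;
    s->ds_length = 0;
}

/* Grow the buffer so that at least `need` bytes fit. Returns 0 on success and
 * -1 if the size cannot be represented or allocated. The check happens before
 * the multiplication, so the capacity can never wrap to a small value while
 * the caller keeps writing as if it were large. */
int ds_grow(dynamic_string *s, size_t need) {
    if (need <= s->ds_length)
        return 0;
    size_t newlen = s->ds_length;
    while (newlen < need) {
        if (newlen > SIZE_MAX / 2)   /* doubling would wrap: refuse */
            return -1;
        newlen *= 2;
    }
    char *p = realloc(s->ds_string, newlen);
    if (!p)
        return -1;
    s->ds_string = p;
    s->ds_length = newlen;
    return 0;
}

/* Read one `eos`-terminated record (e.g. a pattern line) from `f` into `s`.
 * Returns the record length, -1 at EOF with no data, or -2 if growth failed. */
long ds_fgetstr(dynamic_string *s, FILE *f, char eos) {
    size_t i = 0;
    int c;
    while ((c = getc(f)) != EOF) {
        if ((char)c == eos)
            break;
        if (ds_grow(s, i + 2) != 0)   /* room for this byte plus the NUL */
            return -2;
        s->ds_string[i++] = (char)c;
    }
    if (c == EOF && i == 0)
        return -1;
    if (ds_grow(s, i + 1) != 0)
        return -2;
    s->ds_string[i] = '\0';
    return (long)i;
}

/* Walk an in-memory pattern file (constructed input) and return the longest
 * record length, or -1 on a read/growth error. */
long longest_pattern(const char *text) {
    FILE *f = fmemopen((void *)text, strlen(text), "r");
    if (!f)
        return -1;
    dynamic_string s;
    ds_init(&s);
    long longest = 0, n;
    while ((n = ds_fgetstr(&s, f, '\n')) >= 0)
        if (n > longest)
            longest = n;
    ds_free(&s);
    fclose(f);
    return n == -1 ? longest : -1;
}

int main(void) {
    /* Constructed pattern file; the second line forces the buffer to grow. */
    printf("longest pattern: %ld\n", longest_pattern("*.c\nsrc/very/long/path/name.txt\n"));
    return 0;
}
```

The defensive point is in `ds_grow`: a bounds check on the capacity before it is doubled, and a failure code that the reader honours instead of continuing to write. A reader that tracks capacity in a signed `int` and doubles it unconditionally has no such stopping point once the value wraps.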
Created cpio tracking bugs for this issue:
Affects: fedora-all [bug 1991732]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2022:1991 https://access.redhat.com/errata/RHSA-2022:1991
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):