EPSS
Percentile
65.1%
GNU is vulnerable to remote code execution. The vulnerability exists due to an integer overflow that triggers an out-of-bounds heap write.
git.savannah.gnu.org/cgit/cpio.git/commit/?id=dd96882877721703e19272fe25034560b794061b
github.com/fangqyi/cpiopwn
lists.gnu.org/archive/html/bug-cpio/2021-08/msg00000.html
lists.gnu.org/archive/html/bug-cpio/2021-08/msg00002.html
security-tracker.debian.org/tracker/CVE-2021-38185