A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.
References
Link | Resource |
---|---|
https://www.twistlock.com/2017/06/25/alpine-linux-vulnerability-discovery-code-execution-pt-1-2/ | Exploit Third Party Advisory |
http://www.openwall.com/lists/oss-security/2017/06/25/2 | Exploit Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/99340 | Third Party Advisory VDB Entry |
Configurations
Information
Published : 2017-07-17 14:29
Updated : 2017-07-20 06:51
NVD link : CVE-2017-9669
Mitre link : CVE-2017-9669
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
alpinelinux
- alpine_linux