CVE-2017-9671

Published: Jul 17, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20170625 CVE-2017-9669 and CVE-2017-9671: Exploitable buffer overflows in apk (Alpine's package manager)

mailing-list

x_refsource_MLIST

99340

vdb-entry

x_refsource_BID

https://www.twistlock.com/2017/06/25/alpine-linux-vulnerability-discovery-code-execution-pt-1-2/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-9671

Description

Affected Products

References