Dpkg Stack Buffer Overflow Vulnerability (CVE-2015-0860)

Dpkg Stack Buffer Overflow Vulnerability (CVE-2015-0860)
Dpkg Stack Buffer Overflow Vulnerability (CVE-2015-0860)

Release date:
Updated on:

Affected Systems:

SmokePing

Description:

CVE (CAN) ID: CVE-2015-0860

Dpkg is a suite management system specially developed for "Debian" to facilitate software installation, update, and removal.

The dpkg-deb component of dpkg has the stack buffer overflow vulnerability. If the user or automatic system processes the constructed Debian Binary Package in the old format, this vulnerability can cause arbitrary code execution.


<* Source: Hanno Boeck (hanno@hboeck.de)
*>

Suggestion:

Vendor patch:

SmokePing
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://www.debian.org/security/

Debian software package management tools apt-get and dpkg operation memo

Debian kernel compilation err: line 65 dpkg-gencontrol command not found

The Ubuntu Installation Software prompts "the lock file cannot be opened/var/lib/dpkg/lock ".

Common Parameters for installing Ubuntu dpkg Software

Linux-dpkg software package and APT software package management operations

Apt-get | dpkg | about YUM usage (English)

For Ubuntu software installation questions: What is the difference between apt-get and dpkg?

This article permanently updates the link address: