CVE-2021-38185

HIGH LAB

GNU cpio < 2.13 - Remote Code Execution via Pattern File Integer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-38185. PoCs published by fangqyi.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-38185, an integer overflow vulnerability in cpio 2.13. The exploit leverages heap manipulation and memory corruption to achieve arbitrary code execution, bypassing most binary protections except full RELRO.

Description

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.

Exploits (1)

nomisec WORKING POC 5 stars
by fangqyi · poc
https://github.com/fangqyi/cpiopwn

This repository contains a functional exploit for CVE-2021-38185, an integer overflow vulnerability in cpio 2.13. The exploit leverages heap manipulation and memory corruption to achieve arbitrary code execution, bypassing most binary protections except full RELRO.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: cpio 2.13
No auth needed
Prerequisites: System with at least 12 GB of RAM · cpio 2.13 and libc 2.31 · Python 3 with pwntools
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 7.8
EPSS 0.2633
EPSS Percentile 96.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Lab Environment

COMMUNITY
Community Lab

Details

CWE
CWE-190
Status published
Products (1)
gnu/cpio < 2.13
Published Aug 08, 2021
Tracked Since Feb 18, 2026