APK Heap Overflow Vulnerability: Remote Code Execution via Malicious APKINDEX.tar.gz
CVE-2017-9671 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.