CVE-2021-41072

Name
CVE-2021-41072
Description
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/plougher/squashfs-tools/issues/72#issuecomment-913833405
MISC https://github.com/plougher/squashfs-tools/commit/e0485802ec72996c20026da320650d8362f555bd
Third Party Advisory https://www.debian.org/security/2021/dsa-4987
Mailing List https://lists.debian.org/debian-lts-announce/2021/10/msg00017.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:squashfs-tools_project:squashfs-tools:4.5:*:*:*:*:*:*:* squashfs-tools == None == 4.5

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
squashfs-tools 3.13-main 4.5-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
squashfs-tools 3.12-main 4.5-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
squashfs-tools 3.11-main 4.5-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
squashfs-tools 3.14-main 4.5-r1 Natanael Copa <ncopa@alpinelinux.org> fixed
squashfs-tools 3.15-main 4.5-r1 Natanael Copa <ncopa@alpinelinux.org> fixed