CVE-2021-41072
Publication date 14 September 2021
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.
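The write-through described above, reduced to a single directory's entries, as an added example (not code from Squashfs-Tools or Ubuntu). It contrasts a naive writer with one that refuses to reuse an existing name, and adds a duplicate-name pre-check. The entry tuples and the names `duplicate_names`, `extract` and `run_case` are hypothetical, and the sample archive is constructed.

```python
import os
import tempfile

def duplicate_names(entries):
    """Names that appear more than once in a single directory's entry list."""
    seen, dups = set(), []
    for name, _kind, _payload in entries:
        if name in seen and name not in dups:
            dups.append(name)
        seen.add(name)
    return dups

def extract(entries, dest, hardened):
    """Materialise one directory's entries under dest, in archive order."""
    # Naive: O_TRUNC follows an existing symlink at the final path component.
    # Hardened: O_EXCL makes open() fail if anything, symlink included,
    # already exists under that name; O_NOFOLLOW is kept as a second guard.
    flags = os.O_WRONLY | os.O_CREAT
    flags |= (os.O_EXCL | os.O_NOFOLLOW) if hardened else os.O_TRUNC
    for name, kind, payload in entries:
        path = os.path.join(dest, name)
        if kind == "symlink":
            os.symlink(payload, path)
        else:
            fd = os.open(path, flags, 0o644)
            with os.fdopen(fd, "wb") as fh:
                fh.write(payload)

def run_case(hardened):
    """Return (error_or_None, whether the file outside dest was written)."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "dest")
        outside = os.path.join(tmp, "outside.txt")
        os.mkdir(dest)
        # Constructed sample: a symlink, then a regular file with the same name.
        entries = [("note", "symlink", outside), ("note", "file", b"data")]
        try:
            extract(entries, dest, hardened)
            error = None
        except FileExistsError as exc:
            error = type(exc).__name__
        return error, os.path.exists(outside)

if __name__ == "__main__":
    print(duplicate_names([("note", "symlink", "x"), ("note", "file", b"")]))
    print("naive:", run_case(False))
    print("hardened:", run_case(True))
```

This covers only a name collision on the final path component within one directory; it does not model symlinked intermediate directories.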
From the Ubuntu Security Team
Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem.
Status
Package | Ubuntu Release | Status |
---|---|---|
squashfs-tools | 22.04 LTS jammy | Fixed 1:4.4-2ubuntu2 |
squashfs-tools | 20.04 LTS focal | Fixed 1:4.4-1ubuntu0.2 |
squashfs-tools | 18.04 LTS bionic | Fixed 1:4.3-6ubuntu0.18.04.4 |
squashfs-tools | 16.04 LTS xenial | Fixed 1:4.3-3ubuntu2.16.04.3+esm1 |
squashfs-tools | 14.04 LTS trusty | Not in release |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.1 · High |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-5078-1: Squashfs-Tools vulnerability, 15 September 2021
- USN-5078-2: Squashfs-Tools vulnerabilities, 15 September 2021
- USN-5078-3: Squashfs-Tools vulnerability, 13 October 2021