UBUNTU-CVE-2021-40153

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2021-40153

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-40153.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-40153

Related

Published

2021-08-27T15:15:00Z

Modified

2021-08-27T15:15:00Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

References

Affected packages

Ubuntu:Pro:16.04:LTS / squashfs-tools

Package

Name: squashfs-tools
Purl: pkg:deb/ubuntu/squashfs-tools?arch=src?distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:4.3-3ubuntu2.16.04.3+esm1

Affected versions

1:4.*

1:4.2+20130409-2.1

1:4.3-3

1:4.3-3ubuntu1

1:4.3-3ubuntu2

1:4.3-3ubuntu2.16.04.1

1:4.3-3ubuntu2.16.04.2

1:4.3-3ubuntu2.16.04.3

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "1:4.3-3ubuntu2.16.04.3+esm1",
            "binary_name": "squashfs-tools"
        },
        {
            "binary_version": "1:4.3-3ubuntu2.16.04.3+esm1",
            "binary_name": "squashfs-tools-dbg"
        },
        {
            "binary_version": "1:4.3-3ubuntu2.16.04.3+esm1",
            "binary_name": "squashfs-tools-dbgsym"
        }
    ]
}

Ubuntu:18.04:LTS / squashfs-tools

Package

Name: squashfs-tools
Purl: pkg:deb/ubuntu/squashfs-tools?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:4.3-6ubuntu0.18.04.3

Affected versions

1:4.*

1:4.3-4ubuntu1

1:4.3-4ubuntu2

1:4.3-6

1:4.3-6ubuntu0.18.04.1

1:4.3-6ubuntu0.18.04.2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "1:4.3-6ubuntu0.18.04.3",
            "binary_name": "squashfs-tools"
        },
        {
            "binary_version": "1:4.3-6ubuntu0.18.04.3",
            "binary_name": "squashfs-tools-dbgsym"
        }
    ]
}

Ubuntu:20.04:LTS / squashfs-tools

Package

Name: squashfs-tools
Purl: pkg:deb/ubuntu/squashfs-tools?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:4.4-1ubuntu0.1

Affected versions

1:4.*

1:4.4-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "1:4.4-1ubuntu0.1",
            "binary_name": "squashfs-tools"
        },
        {
            "binary_version": "1:4.4-1ubuntu0.1",
            "binary_name": "squashfs-tools-dbgsym"
        }
    ]
}