CVE-2021-40153

Description

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename read from each directory entry, and unsquashfs later uses that stored name to create the file while unpacking. The name is not checked for path components that would traverse outside the destination directory, so a crafted squashfs image can make unsquashfs create or overwrite files at arbitrary locations outside the destination, with the privileges of the user running unsquashfs. Exploitation requires the victim to unpack an attacker-supplied image (the UI:R in the vector below); once that happens, no further interaction is needed.
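As an added illustration (not squashfs-tools code, and not a parser for real squashfs images), the Python below simulates an extractor that trusts directory-entry names next to one that validates them. ENTRIES, is_safe_component, inside, extract_unchecked, extract_checked and run_demo are hypothetical names chosen for this example; the entry list is constructed to stand in for the names an unpacker reads out of a directory table, and everything is written inside a scratch temporary directory.

```python
import os
import tempfile

# Constructed stand-in for what an unpacker reads out of a directory table:
# (entry name, file contents). A genuine directory entry holds one path
# component, but a crafted image can place anything in that field.
ENTRIES = [
    ("hello.txt", b"benign file\n"),
    ("../../marker", b"written outside the destination\n"),  # crafted name
]


class UnsafeEntryName(ValueError):
    """Raised when a directory entry name would escape the destination."""

    def __init__(self, name):
        super().__init__("refusing to extract entry with unsafe name: %r" % name)
        self.name = name


def is_safe_component(name):
    """True only for a single, plain path component.

    This is the per-entry validation the vulnerable code lacked: an entry
    name must not be empty, '.', '..', or contain '/' or NUL.
    """
    if name in ("", ".", ".."):
        return False
    return "/" not in name and "\0" not in name


def inside(dest, path):
    """True if `path`, after resolving symlinks, is at or below `dest`."""
    real_dest = os.path.realpath(dest)
    real_path = os.path.realpath(path)
    return os.path.commonpath([real_dest, real_path]) == real_dest


def extract_unchecked(dest, entries):
    """Vulnerable behaviour: trust the entry name and write wherever it points."""
    written = []
    for name, data in entries:
        path = os.path.join(dest, name)
        with open(path, "wb") as f:
            f.write(data)
        written.append(os.path.realpath(path))
    return written


def extract_checked(dest, entries):
    """Hardened behaviour: validate the name, then confirm the resolved target
    is still under `dest`. The second check also catches a parent directory
    that an earlier entry turned into a symlink pointing outside."""
    written = []
    for name, data in entries:
        if not is_safe_component(name):
            raise UnsafeEntryName(name)
        path = os.path.join(dest, name)
        if not inside(dest, path):
            raise UnsafeEntryName(name)
        with open(path, "wb") as f:
            f.write(data)
        written.append(os.path.realpath(path))
    return written


def run_demo():
    """Run both extractors in a scratch tree; report where the crafted entry went."""
    with tempfile.TemporaryDirectory() as root:
        # dest sits two levels below root so '../../marker' stays inside the
        # scratch tree (it lands in root/a/) instead of touching the real system.
        dest = os.path.join(root, "a", "b", "out")
        os.makedirs(dest)
        extract_unchecked(dest, ENTRIES)
        unchecked_escaped = os.path.exists(os.path.join(root, "a", "marker"))

        dest2 = os.path.join(root, "c", "d", "out")
        os.makedirs(dest2)
        rejected = None
        try:
            extract_checked(dest2, ENTRIES)
        except UnsafeEntryName as err:
            rejected = err.name
        checked_escaped = os.path.exists(os.path.join(root, "c", "marker"))

    return {
        "unchecked_escaped": unchecked_escaped,  # True: file written outside dest
        "checked_rejected": rejected,            # the crafted '../../marker' name
        "checked_escaped": checked_escaped,      # False: nothing left the destination
    }


if __name__ == "__main__":
    print(run_demo())
```

Run it directly to see the crafted entry land two directories above the destination in the unchecked run and be rejected before any write in the checked run. When auditing an untrusted image before unpacking it on an unpatched host, the same per-component test can be applied to the names printed by `unsquashfs -l`; the resolved-path check is kept separately because a name filter alone does not cover a parent directory that an earlier entry created as a symlink.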

Risk Information

Base Score
8.1
HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
EPSS Score (exploitation probability)
0.542

Associated Vulnerability

Vulnerability | Package | OS Platform
squashfs-tools security update (DSA-4967-1) | squashfs-tools_4.3-12+deb10u1_i386.deb | Linux
squashfs-tools security update (DSA-4967-1) | squashfs-tools_4.3-12+deb10u1_amd64.deb | Linux
SUSE-SU-2023:4591-1 (Basesystem Module 15-SP4) | squashfs-4.6.1-150300.3.3.1.x86_64.rpm | Linux
SUSE-SU-2023:4591-1 (Basesystem Module 15-SP5) | squashfs-4.6.1-150300.3.3.1.x86_64_15_SP5.rpm | Linux
SUSE-SU-2023:4591-1 (Basesystem Module 15-SP4) | squashfs-debuginfo-4.6.1-150300.3.3.1.x86_64.rpm | Linux
SUSE-SU-2023:4591-1 (Basesystem Module 15-SP5) | squashfs-debuginfo-4.6.1-150300.3.3.1.x86_64_15_SP5.rpm | Linux
SUSE-SU-2023:4591-1 (Basesystem Module 15-SP4) | squashfs-debugsource-4.6.1-150300.3.3.1.x86_64.rpm | Linux
SUSE-SU-2023:4591-1 (Basesystem Module 15-SP5) | squashfs-debugsource-4.6.1-150300.3.3.1.x86_64_15_SP5.rpm | Linux
Tools to create and modify squashfs filesystems (USN-5057-1) | squashfs-tools_4.4-1ubuntu0.1_i386.deb | Linux
Tools to create and modify squashfs filesystems (USN-5057-1) | squashfs-tools_4.4-1ubuntu0.1_amd64.deb | Linux
Tools to create and modify squashfs filesystems (USN-5057-1) | squashfs-tools_4.4-2ubuntu0.1_i386.deb | Linux
Tools to create and modify squashfs filesystems (USN-5057-1) | squashfs-tools_4.4-2ubuntu0.1_amd64.deb | Linux
Tools to create and modify squashfs filesystems (USN-5057-1) | squashfs-tools_4.3-6ubuntu0.18.04.3_i386.deb | Linux
Tools to create and modify squashfs filesystems (USN-5057-1) | squashfs-tools_4.3-6ubuntu0.18.04.3_amd64.deb | Linux
(RHSA-2024:2396) Moderate: security update | squashfs-tools-4.4-10.git1.el9.x86_64.rpm | Linux
(RHSA-2024:2396) Moderate: security update | squashfs-tools-debuginfo-4.4-10.git1.el9.x86_64.rpm | Linux
(RHSA-2024:2396) Moderate: security update | squashfs-tools-debugsource-4.4-10.git1.el9.x86_64.rpm | Linux
Squashfs-tools update (ELSA-2024-2396) | squashfs-tools-4.4-10.git1.el9.x86_64.rpm | Linux
(RHSA-2024:3139) Moderate: security update | squashfs-tools-4.3-21.el8.x86_64.rpm | Linux
(RHSA-2024:3139) Moderate: security update | squashfs-tools-debuginfo-4.3-21.el8.x86_64.rpm | Linux
(RHSA-2024:3139) Moderate: security update | squashfs-tools-debugsource-4.3-21.el8.x86_64.rpm | Linux
Squashfs-tools update (ELSA-2024-3139) | squashfs-tools-4.3-21.el8.x86_64.rpm | Linux
squashfs-tools Security Update (ALAS-2023-2152) | squashfs-tools-4.3-0.21.gitaae0aff4.amzn2.0.2.x86_64.rpm | Linux
squashfs-tools security update (RLSA-2024:3139) | squashfs-tools-4.3-21.el8.x86_64.rpm | Linux
Moderate: squashfs-tools security update | squashfs-tools-4.4-10.git1.el9.x86_64.rpm | Linux
Moderate: squashfs-tools security update | squashfs-tools-4.3-21.el8.x86_64.rpm | Linux
squashfs-tools security update (RLSA-2024:2396) | squashfs-tools-4.4-10.git1.el9.x86_64.rpm | Linux
squashfs-tools Security Update (ALAS2-2023-2152) | squashfs-tools-4.3-0.21.gitaae0aff4.amzn2.0.2.x86_64.rpm | Linux
Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability (CVE-2021-40153) | | NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2021-40153
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40153