Debian update for squashfs-tools
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-41072 |
| CWE-ID | CWE-59 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
squashfs-tools (Debian package) Operating systems & Components / Operating system package or component |
| Vendor | Debian |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Link following
EUVDB-ID: #VU57416
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-41072
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to overwrite arbitrary files on the system.
The vulnerability exists due to a link following issue in squashfs_opendir in unsquash-2.c when processing a squashfs filesystem that has been crafted to include a symbolic link under the same filename in a filesystem. The attacker can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.
MitigationUpdate squashfs-tools package to one of the following versions: 1:4.3-12+deb10u2, 1:4.4-2+deb11u2.
Vulnerable software versionssquashfs-tools (Debian package): 1:4.0-1 - 1:4.4-2+deb11u1
External linkshttp://www.debian.org/security/2021/dsa-4987
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
