{"id":"MGASA-2022-0010","summary":"Updated squashfs-tools packages fix security vulnerability","details":"squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename\nin the directory entry; this is then used by unsquashfs to create the new\nfile during the unsquash. The filename is not validated for traversal\noutside of the destination directory, and thus allows writing to locations\noutside of the destination. (CVE-2021-40153)\nsquashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory\nTraversal, a different vulnerability than CVE-2021-40153. A squashfs\nfilesystem that has been crafted to include a symbolic link and then\ncontents under the same filename in a filesystem can cause unsquashfs to\nfirst create the symbolic link pointing outside the expected directory,\nand then the subsequent write operation will cause the unsquashfs process\nto write through the symbolic link elsewhere in the filesystem.\n(CVE-2021-41072)\n","modified":"2026-02-04T03:13:08.942874Z","published":"2022-01-11T07:12:42Z","related":["CVE-2021-40153","CVE-2021-41072"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0010.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29429"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-5057-1"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RAOZ4BKWAC4Y3U2K5MMW3S77HWWXHQDL/"},{"type":"REPORT","url":"https://www.debian.org/security/2021/dsa-4967"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-5078-1"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RGPPMRX4FP3CLIZKZFB2DODGNHXHPYD6/"},{"type":"REPORT","url":"https://www.debian.org/security/2021/dsa-4987"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-5078-3"}],"affected":[{"package":{"name":"squashfs-tools","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/squashfs-tools?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.5-1.git5ae723.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0010.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}