squashfs-tools-4.3-21.el8

エラータID: AXSA:2024-8222:02

Release date: 
Saturday, June 15, 2024 - 02:37
Subject: 
squashfs-tools-4.3-21.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems.

Security Fix(es):

* squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153)
* squashfs-tools: possible Directory Traversal via symbolic link (CVE-2021-41072)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.10 Release Notes linked from the References section.

CVE-2021-40153
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.
CVE-2021-41072
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

Solution: 

Update packages.

CVEs: 
CVE-2021-40153
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.
CVE-2021-41072
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.
Additional Info: 

N/A

Download: 

SRPMS
  1. squashfs-tools-4.3-21.el8.src.rpm
    MD5: f76708feb8698d2482d6053eff1694ed
    SHA-256: 427e25da834d64e72cdecd0d88d2254ed56d54fef5a7a13a288ef8ece74d678f
    Size: 215.25 kB

Asianux Server 8 for x86_64
  1. squashfs-tools-4.3-21.el8.x86_64.rpm
    MD5: 26bedf1fa031206398db7440ba0e2d44
    SHA-256: 8b44e040f718af6b962aa77269d40de9f0fb56097f3b6bd9375c9a8149dd14cd
    Size: 164.14 kB