Published: 14 September 2021
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.
From the Ubuntu security team
Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem.
CVSS 3 base score: 8.1
Launchpad, Ubuntu, Debian
|Ubuntu 21.10 (Impish Indri)||
|Ubuntu 21.04 (Hirsute Hippo)||
|Ubuntu 20.04 LTS (Focal Fossa)||
|Ubuntu 18.04 LTS (Bionic Beaver)||
|Ubuntu 16.04 ESM (Xenial Xerus)||
|Ubuntu 14.04 ESM (Trusty Tahr)||
Does not exist