CVE-2022-1271

Published: 7 April 2022

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Priority

CVSS 3 base score: 8.8

Status

Package	Release	Status
gzip Launchpad, Ubuntu, Debian	bionic	Released (1.6-5ubuntu1.2)
	focal	Released (1.10-0ubuntu4.1)
	impish	Released (1.10-4ubuntu1.1)
	jammy	Released (1.10-4ubuntu4)
	trusty	Released (1.6-3ubuntu1+esm1)
	upstream	Needs triage
	xenial	Released (1.6-4ubuntu1+esm1)
	Patches: upstream: https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=dc9740df61e575e8c3148b7bd3c147a81ea00c7c upstream: https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=d74a30d45c6834c8e9f87115197370fe86656d81 upstream: https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=c99f320d5c0fd98fe88d9cea5407eb7ad9d50e8a upstream: https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=0e2d07fc2c4393cfb9dbab580d0bee4525b9c9b3 upstream: https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=5e1fc8b92c1af9382365aef0f9130341ee1d2c76
xz-utils Launchpad, Ubuntu, Debian	bionic	Released (5.2.2-1.3ubuntu0.1)
	focal	Released (5.2.4-1ubuntu1.1)
	impish	Released (5.2.5-2ubuntu0.1)
	jammy	Released (5.2.5-2ubuntu1)
	trusty	Released (5.1.1alpha+20120614-2ubuntu2.14.04.1+esm1)
	upstream	Needs triage
	xenial	Released (5.1.1alpha+20120614-2ubuntu2.16.04.1+esm1)
	Patches: upstream: https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch

Security

CVE-2022-1271

Medium

Status

References

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading