CVE-2022-1271
Published: 7 April 2022
arbitrary file overwrite with crafted file names
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
gzip Launchpad, Ubuntu, Debian |
bionic |
Released
(1.6-5ubuntu1.2)
|
| focal |
Released
(1.10-0ubuntu4.1)
|
|
| impish |
Released
(1.10-4ubuntu1.1)
|
|
| jammy |
Released
(1.10-4ubuntu4)
|
|
| trusty |
Released
(1.6-3ubuntu1+esm1)
|
|
| upstream |
Needs triage
|
|
| xenial |
Released
(1.6-4ubuntu1+esm1)
|
|
|
xz-utils Launchpad, Ubuntu, Debian |
bionic |
Released
(5.2.2-1.3ubuntu0.1)
|
| focal |
Released
(5.2.4-1ubuntu1.1)
|
|
| impish |
Released
(5.2.5-2ubuntu0.1)
|
|
| jammy |
Released
(5.2.5-2ubuntu1)
|
|
| trusty |
Released
(5.1.1alpha+20120614-2ubuntu2.14.04.1+esm1)
|
|
| upstream |
Needs triage
|
|
| xenial |
Released
(5.1.1alpha+20120614-2ubuntu2.16.04.1+esm1)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
- https://www.openwall.com/lists/oss-security/2022/04/07/8
- https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
- https://ubuntu.com/security/notices/USN-5378-1
- https://ubuntu.com/security/notices/USN-5378-2
- https://ubuntu.com/security/notices/USN-5378-3
- https://ubuntu.com/security/notices/USN-5378-4
- NVD
- Launchpad
- Debian