Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-4987-1:14696
HistoryOct 15, 2021 - 12:58 p.m.

[SECURITY] [DSA 4987-1] squashfs-tools security update

2021-10-1512:58:53
lists.debian.org
11

0.003 Low

EPSS

Percentile

71.7%

JSON

Debian Security Advisory DSA-4987-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
October 15, 2021 https://www.debian.org/security/faq

Package : squashfs-tools
CVE ID : CVE-2021-41072
Debian Bug : 994262

Richard Weinberger reported that unsquashfs in squashfs-tools, the tools
to create and extract Squashfs filesystems, does not check for duplicate
filenames within a directory. An attacker can take advantage of this
flaw for writing to arbitrary files to the filesystem if a malformed
Squashfs image is processed.

For the oldstable distribution (buster), this problem has been fixed
in version 1:4.3-12+deb10u2.

For the stable distribution (bullseye), this problem has been fixed in
version 1:4.4-2+deb11u2.

We recommend that you upgrade your squashfs-tools packages.

For the detailed security status of squashfs-tools please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/squashfs-tools

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9armhfsquashfs-tools< 4.3-3+deb9u3squashfs-tools_4.3-3+deb9u3_armhf.deb
Debian11ppc64elsquashfs-tools-dbgsym< 4.4-2+deb11u2squashfs-tools-dbgsym_4.4-2+deb11u2_ppc64el.deb
Debian10arm64squashfs-tools< 4.3-12+deb10u2squashfs-tools_4.3-12+deb10u2_arm64.deb
Debian10mipselsquashfs-tools-dbgsym< 4.3-12+deb10u2squashfs-tools-dbgsym_4.3-12+deb10u2_mipsel.deb
Debian11ppc64elsquashfs-tools< 4.4-2+deb11u2squashfs-tools_4.4-2+deb11u2_ppc64el.deb
Debian10i386squashfs-tools-dbgsym< 4.3-12+deb10u2squashfs-tools-dbgsym_4.3-12+deb10u2_i386.deb
Debian9arm64squashfs-tools< 4.3-3+deb9u3squashfs-tools_4.3-3+deb9u3_arm64.deb
Debian9i386squashfs-tools-dbg< 4.3-3+deb9u3squashfs-tools-dbg_4.3-3+deb9u3_i386.deb
Debian10ppc64elsquashfs-tools-dbgsym< 4.3-12+deb10u2squashfs-tools-dbgsym_4.3-12+deb10u2_ppc64el.deb
Debian10armhfsquashfs-tools< 4.3-12+deb10u2squashfs-tools_4.3-12+deb10u2_armhf.deb
Rows per page:
1-10 of 511

Related

openvas 22
ubuntu 3
osv 9
redhatcve 1
debian 2
cbl_mariner 1
ubuntucve 1
nessus 31
redhat 2
cve 1
prion 1
nvd 1
debiancve 1
gentoo 1
oraclelinux 2
cvelist 1
almalinux 2
alpinelinux 1
mageia 1
veracode 1
rocky 1
amazon 1
photon 4
openvas
openvas
Ubuntu: Security Advisory (USN-5078-1)
2021-09-16 00:00:00
Debian: Security Advisory (DSA-4987-1)
2021-10-16 00:00:00
Ubuntu: Security Advisory (USN-5078-3)
2021-10-14 00:00:00
ubuntu
ubuntu
Squashfs-Tools vulnerability
2021-09-15 00:00:00
Squashfs-Tools vulnerability
2021-10-13 00:00:00
Squashfs-Tools vulnerabilities
2021-09-15 00:00:00
osv
osv
squashfs-tools - security update
2021-10-15 00:00:00
squashfs-tools vulnerability
2021-10-13 00:59:27
squashfs-tools - security update
2021-10-20 00:00:00
redhatcve
redhatcve
CVE-2021-41072
2021-09-16 15:12:21
debian
debian
[SECURITY] [DSA 4987-1] squashfs-tools security update
2021-10-15 12:58:53
[SECURITY] [DLA 2789-1] squashfs-tools security update
2021-10-20 21:58:00
cbl_mariner
cbl_mariner
CVE-2021-41072 affecting package squashfs-tools for versions less than 4.5.1-1
2022-04-26 20:17:08
ubuntucve
ubuntucve
CVE-2021-41072
2021-09-14 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : squashfs-tools (EulerOS-SA-2021-2814)
2021-12-25 00:00:00
EulerOS 2.0 SP10 : squashfs-tools (EulerOS-SA-2022-1235)
2022-02-25 00:00:00
RHEL 9 : squashfs-tools (RHSA-2024:2396)
2024-04-30 00:00:00
redhat
redhat
(RHSA-2024:3139) Moderate: squashfs-tools security update
2024-05-22 06:35:43
(RHSA-2024:2396) Moderate: squashfs-tools security update
2024-04-30 06:15:35
cve
cve
CVE-2021-41072
2021-09-14 01:15:07
prion
prion
Directory traversal
2021-09-14 01:15:00
nvd
nvd
CVE-2021-41072
2021-09-14 01:15:07
debiancve
debiancve
CVE-2021-41072
2021-09-14 01:15:07
gentoo
gentoo
squashfs-tools: Multiple Vulnerabilities
2023-05-30 00:00:00
oraclelinux
oraclelinux
squashfs-tools security update
2024-05-02 00:00:00
squashfs-tools security update
2024-05-23 00:00:00
cvelist
cvelist
CVE-2021-41072
2021-09-14 00:00:00
almalinux
almalinux
Moderate: squashfs-tools security update
2024-05-22 00:00:00
Moderate: squashfs-tools security update
2024-04-30 00:00:00
alpinelinux
alpinelinux
CVE-2021-41072
2021-09-14 01:15:07
mageia
mageia
Updated squashfs-tools packages fix security vulnerability
2022-01-11 10:12:42
veracode
veracode
Directory Traversal
2021-09-15 15:31:50
rocky
rocky
squashfs-tools security update
2024-06-14 13:59:16
amazon
amazon
Medium: squashfs-tools
2023-07-17 17:40:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0166
2022-03-25 00:00:00
Critical Photon OS Security Update - PHSA-2022-4.0-0166
2022-03-25 00:00:00
Critical Photon OS Security Update - PHSA-2022-0375
2022-03-26 00:00:00

0.003 Low

EPSS

Percentile

71.7%

JSON
Related for DEBIAN:DSA-4987-1:14696
openvas22ubuntu3osv9redhatcve1debian2cbl_mariner1ubuntucve1nessus31redhat2cve1prion1nvd1debiancve1gentoo1oraclelinux2cvelist1almalinux2alpinelinux1mageia1veracode1rocky1amazon1photon4