Bug 6915 - [Anolis OS 23] Bugfix for CVE-2021-40153
Summary: [Anolis OS 23] Bugfix for CVE-2021-40153
Status: RESOLVED FIXED
Alias: None
Product: Anolis OS 23
Classification: Anolis OS
Component: BaseOS Packages (show other bugs) BaseOS Packages
Version: unspecified
Hardware: All Linux
: P2-High S2-major
Target Milestone: ---
Assignee: happy_orange
QA Contact: bolong_tbl
URL:
Whiteboard:
Keywords: CVE
Depends on:
Blocks:
 
Reported: 2023-10-18 16:39 UTC by 小龙
Modified: 2023-10-18 16:39 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description 小龙 admin 2023-10-18 16:39:04 UTC 
Description:
Squashfs-Tools4.5中的unsquash-1.c中的squashfs_opendir将文件名存储在目录项中;然后unsquashfs使用它在unsquash过程中创建新文件。文件名未针对目标目录之外的遍历进行验证,因此允许写入目标之外的位置。

Broken commit info:

Bugfix commit info:
https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646
https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646 (4.5)