Debian Security Update DSA-4967 squashfs-tools - security update

Thread starter LinuxBot
Start date Sep 5, 2021

LinuxBot

Member

Sep 5, 2021

#1

Etienne Stalmans discovered that unsquashfs in squashfs-tools, the tools to create and extract Squashfs filesystems, does not validate filenames for traversal outside of the destination directory. An attacker can take advantage of this flaw for writing to arbitrary files to the filesystem if a malformed Squashfs image is processed.

Continue reading...

You must log in or register to reply here.

Share:

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Staff online

JasKinasis
Super Moderator

Members online

Total: 842 (members: 8, guests: 834)

Latest posts

Linux OS which load entirely into RAM
- Latest: Condobloke
- 10 minutes ago
General Linux Questions
Impartiality Of Distro Choices Advocated At This Site
- Latest: Brickwizard
- Today at 10:20 AM
Forum Assistance
USB ports issue - really slow
- Latest: truckerDave
- Today at 10:08 AM
General Computing
B
Can't detect my nvme SSD on Linux mint edge boot usb
- Latest: banana789
- Today at 9:44 AM
Getting Started
Solved kubuntu can't update dell xps laptop firmware
- Latest: rdfrkian
- Today at 8:57 AM
Ubuntu forum