CVE-2021-40153

HIGH8.1EPSS 0.54%

squashfs-tools - security update

Published: 8/27/2021Modified: 12/3/2025

Also known as:ALPINE-CVE-2021-40153

Description

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

Affected packages (4)

Alpine/squashfs-toolsfrom 0, < 4.5-r0
Debian/squashfs-toolsfrom 0, < 1:4.4-2+deb11u1
Debian/squashfs-toolsfrom 0, < 1:4.3-3+deb9u2
Debian/squashfs-toolsfrom 0, < 1:4.3-12+deb10u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2021-40153
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2021-40153