8.8

CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Data is provided by the National Vulnerability Database (NVD)
GnuGzip Version < 1.12
RedhatJboss Data Grid Version7.0.0
DebianDebian Linux Version10.0
TukaaniXz Version < 5.2.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.72% 0.715
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-179 Incorrect Behavior Order: Early Validation

The product validates input before applying protection mechanisms that modify the input, which could allow an attacker to bypass the validation via dangerous inputs that only arise after the modification.

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://bugzilla.redhat.com/show_bug.cgi?id=2073310
Third Party Advisory
Issue Tracking
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
Patch
Vendor Advisory
Mailing List
https://www.openwall.com/lists/oss-security/2022/04/07/8
Patch
Third Party Advisory
Mailing List