ELSA-2024-2396

ULN >
Oracle Linux Errata repository >
ELSA-2024-2396

ELSA-2024-2396 - squashfs-tools security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-05-02

Description

[4.4-10.git1]
- CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix
CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination
rhbz#2007304 RHEL-7763

[4.4-9.git1]
- CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination
rhbz#2000638

Related CVEs

CVE-2021-40153

CVE-2021-41072

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	squashfs-tools-4.4-10.git1.el9.src.rpm	373a3599558c934365a61354a8f95217	-	ol9_aarch64_baseos_latest
	squashfs-tools-4.4-10.git1.el9.src.rpm	373a3599558c934365a61354a8f95217	-	ol9_aarch64_u4_baseos_base
	squashfs-tools-4.4-10.git1.el9.aarch64.rpm	5ff18022ef8a58fa4d94ae1ef5bdd7fd	-	ol9_aarch64_baseos_latest
	squashfs-tools-4.4-10.git1.el9.aarch64.rpm	5ff18022ef8a58fa4d94ae1ef5bdd7fd	-	ol9_aarch64_u4_baseos_base

Oracle Linux 9 (x86_64)	squashfs-tools-4.4-10.git1.el9.src.rpm	373a3599558c934365a61354a8f95217	-	ol9_x86_64_baseos_latest
	squashfs-tools-4.4-10.git1.el9.src.rpm	373a3599558c934365a61354a8f95217	-	ol9_x86_64_u4_baseos_base
	squashfs-tools-4.4-10.git1.el9.x86_64.rpm	f17b4068696de36b32c1ae023c9ba855	-	ol9_x86_64_baseos_latest
	squashfs-tools-4.4-10.git1.el9.x86_64.rpm	f17b4068696de36b32c1ae023c9ba855	-	ol9_x86_64_u4_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691