Friday, March 18, 2022

Centos Linux: CVE-2021-31566: Moderate: libarchive security update (CESA-2022:0892)

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
  • centos-upgrade-bsdcat-debuginfo
  • centos-upgrade-bsdcpio-debuginfo
  • centos-upgrade-bsdtar
  • centos-upgrade-bsdtar-debuginfo
  • centos-upgrade-libarchive
  • centos-upgrade-libarchive-debuginfo
  • centos-upgrade-libarchive-debugsource

  • References
  • CESA-2022:0892
  • CVE-2021-31566


    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore