CVE-2022-1271

Summary

CVE	CVE-2022-1271
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-08-31 16:15:00 UTC
Updated	2023-11-07 03:41:00 UTC
Description	An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Application	Gnu	Gzip	All	All	All	All
Application	Redhat	Jboss Data Grid	7.0.0	All	All	All

References

Reference	Source	Link	Tags
git.tukaani.org - xz.git/commit	MISC	git.tukaani.org
Red Hat Customer Portal - Access to 24x7 support and knowledge	MISC	access.redhat.com
CVE-2022-1271 GNU Gzip Vulnerability in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch	MISC	tukaani.org
oss-security - zgrep, xzgrep: arbitrary-file-write vulnerability	MISC	www.openwall.com
git.tukaani.org - xz.git/commit		git.tukaani.org
2073310 – (CVE-2022-1271) CVE-2022-1271 gzip: arbitrary-file-write vulnerability	MISC	bugzilla.redhat.com
CVE-2022-1271	MISC	security-tracker.debian.org
bug#54772: gzip-1.12 released [stable]	MISC	lists.gnu.org
GNU Gzip, XZ Utils: Arbitrary file write (GLSA 202209-01) — Gentoo security	GENTOO	security.gentoo.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

159764 Oracle Enterprise Linux Security Update for gzip (ELSA-2022-1537)
159789 Oracle Enterprise Linux Security Update for gzip (ELSA-2022-2191)
159889 Oracle Enterprise Linux Security Update for xz (ELSA-2022-4991)
159900 Oracle Enterprise Linux Security Update for xz (ELSA-2022-5052)
159921 Oracle Enterprise Linux Security Update for xz (ELSA-2022-4940)
159949 Oracle Enterprise Linux Security Update for gzip (ELSA-2022-4582)
179180 Debian Security Update for gzip (DLA 2976-1)
179184 Debian Security Update for xz-utils (DLA 2977-1)
179243 Debian Security Update for gzip (DSA 5122-1)
179244 Debian Security Update for xz-utils (DSA 5123-1)
183187 Debian Security Update for gzipxz-utils (CVE-2022-1271)
198742 Ubuntu Security Notification for Gzip Vulnerability (USN-5378-1)
198743 Ubuntu Security Notification for XZ Utils Vulnerability (USN-5378-2)
240233 Red Hat Update for gzip (RHSA-2022:1537)
240252 Red Hat Update for gzip (RHSA-2022:1665)
240257 Red Hat Update for gzip (RHSA-2022:1676)
240326 Red Hat Update for gzip (RHSA-2022:2191)
240350 Red Hat Update for gzip (RHSA-2022:4582)
240425 Red Hat Update for gzip (RHSA-2022:1592)
240453 Red Hat Update for xz (RHSA-2022:4940)
240461 Red Hat Update for xz (RHSA-2022:4993)
240462 Red Hat Update for xz (RHSA-2022:4992)
240463 Red Hat Update for xz (RHSA-2022:4991)
240469 Red Hat Update for xz (RHSA-2022:5052)
257169 CentOS Security Update for gzip (CESA-2022:2191)
257185 CentOS Security Update for xz (CESA-2022:5052)
353270 Amazon Linux Security Advisory for gzip, xz : ALAS2-2022-1782
353949 Amazon Linux Security Advisory for gzip : ALAS-2022-1590
353958 Amazon Linux Security Advisory for xz : ALAS-2022-1598
354300 Amazon Linux Security Advisory for gzip : ALAS2022-2022-188
354505 Amazon Linux Security Advisory for gzip, xz : ALAS2022-2022-058
354520 Amazon Linux Security Advisory for xz : ALAS2022-2022-187
354631 Amazon Linux Security Advisory for gzip : AL2012-2022-363
354632 Amazon Linux Security Advisory for xz : AL2012-2022-364
355124 Amazon Linux Security Advisory for xz : ALAS2023-2023-042
355166 Amazon Linux Security Advisory for gzip : ALAS2023-2023-043
376923 Alibaba Cloud Linux Security Update for gzip (ALINUX3-SA-2022:0030)
377066 Alibaba Cloud Linux Security Update for xz (ALINUX2-SA-2022:0027)
377072 Alibaba Cloud Linux Security Update for gzip (ALINUX2-SA-2022:0023)
377115 Alibaba Cloud Linux Security Update for xz (ALINUX3-SA-2022:0139)
500239 Alpine Linux Security Update for gzip
500827 Alpine Linux Security Update for xz
503988 Alpine Linux Security Update for gzip
504564 Alpine Linux Security Update for xz
591406 Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem Multiple Vulnerabilities (SSB-439005, ICSA-22-104-13)
671669 EulerOS Security Update for gzip (EulerOS-SA-2022-1728)
671689 EulerOS Security Update for xz (EulerOS-SA-2022-1775)
671828 EulerOS Security Update for gzip (EulerOS-SA-2022-1892)
671878 EulerOS Security Update for gzip (EulerOS-SA-2022-1931)
671886 EulerOS Security Update for xz (EulerOS-SA-2022-1955)
671905 EulerOS Security Update for xz (EulerOS-SA-2022-2015)
671937 EulerOS Security Update for gzip (EulerOS-SA-2022-1998)
671949 EulerOS Security Update for gzip (EulerOS-SA-2022-1968)
671950 EulerOS Security Update for xz (EulerOS-SA-2022-1985)
671964 EulerOS Security Update for gzip (EulerOS-SA-2022-2158)
671978 EulerOS Security Update for gzip (EulerOS-SA-2022-2133)
671984 EulerOS Security Update for xz (EulerOS-SA-2022-2174)
672000 EulerOS Security Update for xz (EulerOS-SA-2022-2149)
690849 Free Berkeley Software Distribution (FreeBSD) Security Update for zgrep (b019585a-bfea-11ec-b46c-b42e991fc52e)
710614 Gentoo Linux GNU Gzip, XZ Utils Arbitrary file write Vulnerability (GLSA 202209-01)
752022 SUSE Enterprise Linux Security Update for xz (SUSE-SU-2022:1158-1)
752029 SUSE Enterprise Linux Security Update for xz (SUSE-SU-2022:1160-1)
752043 SUSE Enterprise Linux Security Update for gzip (SUSE-SU-2022:1250-1)
752050 SUSE Enterprise Linux Security Update for gzip (SUSE-SU-2022:1272-1)
752057 SUSE Enterprise Linux Security Update for gzip (SUSE-SU-2022:1275-1)
752115 SUSE Enterprise Linux Security Update for gzip (SUSE-SU-2022:1617-1)
752119 SUSE Enterprise Linux Security Update for gzip (SUSE-SU-2022:1650-1)
752132 SUSE Enterprise Linux Security Update for gzip (SUSE-SU-2022:1674-1)
752135 SUSE Enterprise Linux Security Update for gzip (SUSE-SU-2022:1673-1)
753229 SUSE Enterprise Linux Security Update for xz (SUSE-SU-2022:14938-1)
903784 Common Base Linux Mariner (CBL-Mariner) Security Update for gzip (10811) (DEPRECATED)
903817 Common Base Linux Mariner (CBL-Mariner) Security Update for gzip (10819)
904003 Common Base Linux Mariner (CBL-Mariner) Security Update for gzip (10811-1)
904151 Common Base Linux Mariner (CBL-Mariner) Security Update for gzip (10819-1)
940481 AlmaLinux Security Update for gzip (ALSA-2022:1537)
940955 AlmaLinux Security Update for xz (ALSA-2022:4991)
940956 AlmaLinux Security Update for xz (ALSA-2022:4940)
960246 Rocky Linux Security Update for gzip (RLSA-2022:1537)
960459 Rocky Linux Security Update for xz (RLSA-2022:4991)
960608 Rocky Linux Security Update for xz (RLSA-2022:4940)
960617 Rocky Linux Security Update for gzip (RLSA-2022:4582)