QID 901101

Date Published: 2022-05-11

QID 901101: Common Base Linux Mariner (CBL-Mariner) Security Update for squashfs-tools (7464-1)

CBL-Mariner 2.0 is an internal Linux distribution for cloud infrastructure and edge products and services of Microsoft.
CBL-Mariner has released a security update for squashfs-tools to fix the vulnerabilities.

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.

  • CVSS V3 rated as Critical - 8.1 severity.
  • CVSS V2 rated as Medium - 5.8 severity.
  • Solution

    CBL-Mariner has issued updated packages to fix this vulnerability. For more information about the vulnerability and obtaining patches, refer to the following CBL-Mariner 2.0 security advisories:https://github.com/microsoft/CBL-Mariner/tree/2.0

    Vendor References

    CVEs related to QID 901101

    Software Advisories
    Advisory ID Software Component Link
    7464-1 CBL-Mariner Linux 2\\.0 URL Logo github.com/microsoft/CBL-Mariner/tree/2.0