Max Justicz discovered that dpkg incorrectly handled unpacking certain
source packages. If a user or an automated system were tricked into
unpacking a specially crafted source package, a remote attacker could
modify files outside the target unpack directory, leading to a denial of
service or potentially gaining access to the system.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 22.04 | noarch | dpkg | < 1.21.1ubuntu2.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | dpkg-dbgsym | < 1.21.1ubuntu2.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | dpkg-dev | < 1.21.1ubuntu2.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | dselect | < 1.21.1ubuntu2.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | dselect-dbgsym | < 1.21.1ubuntu2.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | libdpkg-dev | < 1.21.1ubuntu2.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | libdpkg-perl | < 1.21.1ubuntu2.1 | UNKNOWN |
Ubuntu | 21.10 | noarch | dpkg | < 1.20.9ubuntu2.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | dpkg-dbgsym | < 1.20.9ubuntu2.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | dpkg-dev | < 1.20.9ubuntu2.2 | UNKNOWN |