CVE-2021-31566

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:05

Type Values Removed Values Added
References () https://access.redhat.com/security/cve/CVE-2021-31566 - Third Party Advisory () https://access.redhat.com/security/cve/CVE-2021-31566 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2024237 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2024237 - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/libarchive/libarchive/commit/b41daecb5ccb4c8e3b2c53fd6147109fc12c3043 - Patch, Third Party Advisory () https://github.com/libarchive/libarchive/commit/b41daecb5ccb4c8e3b2c53fd6147109fc12c3043 - Patch, Third Party Advisory
References () https://github.com/libarchive/libarchive/issues/1566 - Issue Tracking, Patch, Third Party Advisory () https://github.com/libarchive/libarchive/issues/1566 - Issue Tracking, Patch, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html - Mailing List, Third Party Advisory

27 Mar 2024, 16:04

Type Values Removed Values Added
CPE cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*
First Time Splunk
Splunk universal Forwarder

Information

Published : 2022-08-23 16:15

Updated : 2024-11-21 06:05


NVD link : CVE-2021-31566

Mitre link : CVE-2021-31566

CVE.ORG link : CVE-2021-31566


JSON object : View

Products Affected

redhat

  • enterprise_linux_for_power_little_endian_eus
  • enterprise_linux_server_aus
  • enterprise_linux_server_tus
  • enterprise_linux_for_power_little_endian
  • enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
  • enterprise_linux_eus
  • enterprise_linux
  • codeready_linux_builder
  • enterprise_linux_for_ibm_z_systems_eus
  • enterprise_linux_for_ibm_z_systems

splunk

  • universal_forwarder

libarchive

  • libarchive

debian

  • debian_linux

fedoraproject

  • fedora
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')