CVE-2022-1271
moderate-risk
Published 2022-08-31
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.
Do I need to act?
-
0.81% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
NETWORK
/ LOW complexity
Affected Products (4)
References (18)
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2022-1271
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2073310
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2022-1271
Third Party Advisory
https://security.gentoo.org/glsa/202209-01
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220930-0006/
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2022-1271
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2073310
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2022-1271
Third Party Advisory
https://security.gentoo.org/glsa/202209-01
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220930-0006/
43
/ 100
moderate-risk
Severity
30/34 · Critical
Exploitability
3/34 · Minimal
Exposure
10/34 · Low