CVE-2022-1271

HIGH

GNU gzip - Arbitrary File Write via Crafted Multi-Line Filename


Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-1271. PoCs published by greydoubt.

AI-analyzed exploit summary: This repository contains test files and scripts related to the xz library, including references to CVE-2022-1271 (xzgrep filename handling). It includes fuzzing tests, coverage scripts, and test file generators but lacks direct exploit code for the CVE.

Description

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is run on an attacker-chosen file name (for example, a crafted file name), it can write attacker-controlled content to an arbitrary attacker-selected file. The flaw is caused by insufficient validation when processing file names that contain two or more newlines, where the selected content and the target file names are embedded in the crafted multi-line file name. This flaw allows a remote, low-privileged attacker to force zgrep to write arbitrary files on the system.

Exploits (1)

nomisec WRITEUP
by greydoubt · poc
https://github.com/greydoubt/xz

Classification: Writeup 90%
Attack Type: Other
Complexity: Moderate
Reliability: Theoretical
Target: xz (liblzma)
No auth needed
Prerequisites: xz library installation · test environment setup
devstral-2 · analyzed Apr 10, 2026

References (9)

Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=2073310
Mailing List, Patch, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2022/04/07/8
Mailing List, Patch, Vendor Advisory x_refsource_misc
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
Patch, Third Party Advisory x_refsource_misc
https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2022-1271
Third Party Advisory x_refsource_misc
https://access.redhat.com/security/cve/CVE-2022-1271
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202209-01
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220930-0006/

Scores

CVSS v3 8.8
EPSS 0.0430
EPSS Percentile 89.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE: CWE-179, CWE-20
Status: published
Products (4)
debian/debian_linux 10.0
gnu/gzip < 1.12
redhat/jboss_data_grid 7.0.0
tukaani/xz < 5.2.5
Published: Aug 31, 2022
Tracked Since: Feb 18, 2026