Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-4089 — Bzip2 vulnerability

CWE-2647 documents7 sources

Severity

4.6MEDIUMNVD

EPSS

0.2%

top 64.22%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Bzip Bzip2 Debian Bzip2

Timeline

PublishedApr 16

Latest updateMay 17

Description

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/bzip2< bzip2 1.0.6-1 (bookworm)

▶Debianbzip/bzip2< 1.0.6-1+3

▶NVDbzip/bzip21.0.4+4

Patches

Patch: www.ubuntu.com ↗Patch: bugs.debian.org ↗Patch: www.ubuntu.com ↗

🔴Vulnerability Details

GHSA

GHSA-f3fh-cjxj-26mw: The bzexe command in bzip2 1↗2022-05-17

▶

OSV

CVE-2011-4089: The bzexe command in bzip2 1↗2014-04-16

▶

💥Exploits & PoCs

Exploit-DB

bzexe (bzip2) - Race Condition↗2011-11-23

▶

📋Vendor Advisories

Ubuntu

bzip2 vulnerability↗2011-12-14

▶

Debian

CVE-2011-4089: bzip2 - The bzexe command in bzip2 1.0.5 and earlier generates compressed executables th...↗2011

▶

Red Hat

CVE-2011-4089: The bzexe command in bzip2 1↗

▶