CVE-2022-1271 log

Source
Severity High
Remote No
Type Arbitrary command execution
Description 
Malicious filenames with two or more newlines can make zgrep and xzgrep to write to arbitrary files or (with a GNU sed extension) lead to arbitrary code execution. The issue with the old code is that with multiple newlines, the N-command will read the second line of input, then the s-commands will be skipped because it's not the end of  the file yet, then a new sed cycle starts and the pattern space is printed and emptied. So only the last line or two get escaped.
Group Package Affected Fixed Severity Status Ticket
AVG-2666 gzip 1.11-1 1.12-1 High Fixed
AVG-2665 xz 5.2.5-2 5.2.5-3 High Fixed
Date Advisory Group Package Severity Type
07 Apr 2022 ASA-202204-8 AVG-2665 xz High arbitrary command execution
07 Apr 2022 ASA-202204-7 AVG-2666 gzip High arbitrary command execution
References 
https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=dc9740df61e575e8c3148b7bd3c147a81ea00c7c
https://savannah.gnu.org/forum/forum.php?forum_id=10157
https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch.sig
Notes 
xzgrep from XZ Utils versions up to and including 5.2.5 are affected. 5.3.1alpha and 5.3.2alpha are affected as well.
This bug was inherited into xzgrep from gzip's zgrep.
gzip 1.12 includes a fix for zgrep.