FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
38fdf07b-e8ec-11ea-8bbe-e0d55e2a8bf9	ark -- extraction outside of extraction directory Albert Astals Cid reports: Overview A maliciously crafted TAR archive containing symlink entries would install files anywhere in the user's home directory upon extraction. Proof of concept For testing, an example of malicious archive can be found at dirsymlink.tar Impact Users can unwillingly install files like a modified .bashrc, or a malicious script placed in ~/.config/autostart. Workaround Before extracting a downloaded archive using the Ark GUI, users should inspect it to make sure it doesn't contain symlink entries pointing outside the extraction folder. The 'Extract' context menu from the Dolphin file manager shouldn't be used. Solution Ark 20.08.1 skips maliciously crafted symlinks when extracting TAR archives. Alternatively, 8bf8c5ef07b0ac5e914d752681e470dea403a5bd can be applied to previous releases. Credits Thanks to Fabian Vogt for reporting this issue and for fixing it. Discovery 2020-08-27 Entry 2020-08-28 ark < 20.08.0_1 https://kde.org/info/security/advisory-20200827-1.txt CVE-2020-24654

VuXML ID

Description

38fdf07b-e8ec-11ea-8bbe-e0d55e2a8bf9

ark -- extraction outside of extraction directory

Albert Astals Cid reports:

Overview

A maliciously crafted TAR archive containing symlink entries would install files anywhere in the user's home directory upon extraction.

Proof of concept

For testing, an example of malicious archive can be found at dirsymlink.tar

Impact

Users can unwillingly install files like a modified .bashrc, or a malicious script placed in ~/.config/autostart.

Workaround

Before extracting a downloaded archive using the Ark GUI, users should inspect it to make sure it doesn't contain symlink entries pointing outside the extraction folder.

The 'Extract' context menu from the Dolphin file manager shouldn't be used.

Solution

Ark 20.08.1 skips maliciously crafted symlinks when extracting TAR archives.

Alternatively, 8bf8c5ef07b0ac5e914d752681e470dea403a5bd can be applied to previous releases.

Credits

Thanks to Fabian Vogt for reporting this issue and for fixing it.

Discovery 2020-08-27
Entry 2020-08-28
ark

< 20.08.0_1

https://kde.org/info/security/advisory-20200827-1.txt
CVE-2020-24654