Bug 2257749 (CVE-2024-0406)

Summary: CVE-2024-0406 mholt/archiver: path traversal vulnerability
Product: [Other] Security Response
Reporter: Robb Gatica <rgatica>
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW
QA Contact:
Severity: medium
Docs Contact:
Priority: medium
Version: unspecified
CC: dfreiber, drow, jburrell, security-response-team, sidakwo, vkumar
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version: mholt 4
Doc Type: ---
Doc Text:
A flaw was found in the mholt/archiver package (version 3). An attacker can craft a tar archive whose entry names contain path traversal sequences; when such an archive is unpacked, files may be created or overwritten outside the intended destination directory. These writes occur with the privileges of the user or application that uses the library, which may allow access to, or overwriting of, restricted files or directories.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks: 2257750

Description Robb Gatica 2024-01-10 18:40:35 UTC
Reference INC2833242:

-----
There's an issue in https://github.com/mholt/archiver/ (version 3). v4 is not affected, as it doesn't support this functionality.

It's a path traversal when unpacking a specially crafted tar archive. I originally reported this in Syft, but the underlying issue is in this library.
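As an illustration of the bug class this report describes (an example added here, not code from mholt/archiver, Syft, or the reporter), the Go program below builds a tar archive in memory whose entry name contains `..` (the constructed archive is the only input), then unpacks it with an extraction routine that resolves every entry name under the destination directory and refuses any entry that would land outside it. The names `buildTar`, `safeJoin`, `extractTar` and `ErrTraversal` are this example's own; the check uses only the Go standard library.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrTraversal is returned when an archive entry would resolve outside the destination.
var ErrTraversal = errors.New("tar entry escapes destination directory")

// buildTar fabricates an in-memory tar archive from name -> content pairs.
// It exists only to construct test input; archive/tar does not reject ".." in names,
// which is exactly what lets a crafted archive carry traversal entries.
func buildTar(entries map[string]string) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for name, content := range entries {
		hdr := &tar.Header{Name: name, Mode: 0o644, Size: int64(len(content)), Typeflag: tar.TypeReg}
		if err := tw.WriteHeader(hdr); err != nil {
			panic(err)
		}
		if _, err := tw.Write([]byte(content)); err != nil {
			panic(err)
		}
	}
	if err := tw.Close(); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

// safeJoin resolves an entry name under dest and rejects anything that escapes it
// ("../x", "a/../../x", ".."). Absolute names are re-rooted under dest by Join rather
// than rejected; tighten that if your policy requires it.
func safeJoin(dest, name string) (string, error) {
	cleanDest := filepath.Clean(dest)
	target := filepath.Join(cleanDest, name) // Join cleans, so ".." segments are resolved here
	rel, err := filepath.Rel(cleanDest, target)
	if err != nil {
		return "", ErrTraversal
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return target, nil
}

// extractTar unpacks data into dest, returning the paths written. It stops at the first
// entry that escapes dest. Only directories and regular files are handled; symlink and
// hardlink entries need their link targets validated too and are skipped here.
func extractTar(data []byte, dest string) ([]string, error) {
	var written []string
	tr := tar.NewReader(bytes.NewReader(data))
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return written, nil
		}
		if err != nil {
			// Go 1.20+ reports insecure names itself when GODEBUG=tarinsecurepath=0.
			if errors.Is(err, tar.ErrInsecurePath) {
				return written, ErrTraversal
			}
			return written, err
		}
		target, err := safeJoin(dest, hdr.Name)
		if err != nil {
			return written, fmt.Errorf("%w: %q", ErrTraversal, hdr.Name)
		}
		switch hdr.Typeflag {
		case tar.TypeDir:
			if err := os.MkdirAll(target, 0o755); err != nil {
				return written, err
			}
		case tar.TypeReg:
			if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
				return written, err
			}
			f, err := os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.FileMode(hdr.Mode)&0o777)
			if err != nil {
				return written, err
			}
			_, err = io.Copy(f, tr)
			f.Close()
			if err != nil {
				return written, err
			}
			written = append(written, target)
		}
	}
}

func main() {
	dest, err := os.MkdirTemp("", "unpack-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dest)

	benign := buildTar(map[string]string{"docs/readme.txt": "hello"}) // constructed input
	if _, err := extractTar(benign, dest); err != nil {
		panic(err)
	}
	malicious := buildTar(map[string]string{"../../escaped.txt": "pwned"}) // constructed traversal entry
	_, err = extractTar(malicious, dest)
	fmt.Println("benign extracted; malicious rejected:", errors.Is(err, ErrTraversal))
}
```

The name check alone is not the whole story for tar: a symlink entry whose target points outside the destination, followed by a regular entry written through that link, escapes just as effectively, so an extractor must validate link targets (or refuse links) as well as names.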

Comment 6 errata-xmlrpc 2025-03-11 02:08:12 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.18

Via RHSA-2025:2449 https://access.redhat.com/errata/RHSA-2025:2449