CVE-2020-24654

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-24654
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-24654.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-24654
Published
2020-09-02T17:15:12Z
Modified
2025-10-15T12:10:11.686715Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
[none]
Details

In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.

Affected packages

Git / github.com/kde/ark

Affected ranges

Type
GIT
Repo
https://github.com/kde/ark
Events
Introduced
0 (unknown introduced commit; all previous commits are affected)
Fixed

Affected versions

v1.*

v1.1.0

v14.*

v14.11.80
v14.11.90
v14.11.95
v14.11.97
v14.12.0
v14.12.1
v14.12.2

v15.*

v15.03.80
v15.03.90
v15.03.95
v15.03.97
v15.04.0
v15.04.1
v15.04.2
v15.07.80
v15.07.90
v15.08.0
v15.08.1
v15.08.2
v15.08.3
v15.11.80
v15.11.90
v15.12.0
v15.12.1
v15.12.2
v15.12.3

v16.*

v16.03.80
v16.03.90
v16.04.0
v16.04.1
v16.04.2
v16.04.3
v16.07.80
v16.07.90
v16.08.0
v16.08.1
v16.08.2
v16.11.80
v16.11.90
v16.12.0
v16.12.1
v16.12.2

v17.*

v17.03.80
v17.03.90
v17.04.0
v17.04.1
v17.04.2
v17.04.3
v17.07.80
v17.07.90
v17.08.0
v17.08.1
v17.08.2
v17.11.80
v17.11.90
v17.12.0
v17.12.1
v17.12.2
v17.12.3

v18.*

v18.03.80
v18.03.90
v18.04.0
v18.04.1
v18.04.2
v18.07.80
v18.07.90
v18.08.0
v18.08.1
v18.08.2
v18.11.80
v18.11.90
v18.12.0
v18.12.1
v18.12.2

v19.*

v19.03.80
v19.03.90
v19.04.0
v19.04.1
v19.04.2
v19.07.80
v19.07.90
v19.08.0
v19.08.1
v19.08.2
v19.11.80
v19.11.90
v19.12.0
v19.12.1
v19.12.2
v19.12.3

v2.*

v2.0.0
v2.1.0
v2.2.0

v20.*

v20.03.80
v20.03.90
v20.04.0
v20.04.1
v20.04.2
v20.04.3
v20.07.80
v20.07.90
v20.08.0

v3.*

v3.0.0
v3.2.0
v3.3.0
v3.4.0
v3.4.0-beta1
v3.4.0-beta2
v3.4.90
v3.4.91
v3.80.2
v3.80.3
v3.90.1
v3.93
v3.94
v3.95
v3.96
v3.97

v4.*

v4.0.0
v4.0.71
v4.0.80
v4.0.83
v4.0.98
v4.1.80
v4.1.85
v4.1.96
v4.10.0
v4.10.1
v4.10.2
v4.10.3
v4.10.4
v4.10.5
v4.10.80
v4.10.90
v4.11.80
v4.11.90
v4.11.95
v4.11.97
v4.12.0
v4.12.1
v4.12.2
v4.12.3
v4.12.80
v4.12.90
v4.12.95
v4.12.97
v4.13.0
v4.13.1
v4.13.80
v4.13.90
v4.13.95
v4.13.97
v4.14.0
v4.14.1
v4.14.2
v4.14.3
v4.2.85
v4.2.90
v4.2.95
v4.3.80
v4.3.85
v4.3.90
v4.4.80
v4.4.85
v4.4.90
v4.5.80
v4.5.85
v4.5.90
v4.5.95
v4.6.0
v4.6.1
v4.6.2
v4.6.3
v4.6.80
v4.6.90
v4.6.95
v4.7.80
v4.7.90
v4.7.95
v4.7.97
v4.8.0
v4.8.1
v4.8.2
v4.8.3
v4.8.4
v4.8.5
v4.8.80
v4.8.90
v4.8.95
v4.8.97
v4.9.0
v4.9.1
v4.9.2
v4.9.3
v4.9.4
v4.9.80
v4.9.90
v4.9.95
v4.9.97
v4.9.98

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/kde/ark/commit/8bf8c5ef07b0ac5e914d752681e470dea403a5bd",
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2020-24654-6bd062c2",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "126268697906387531437154722463783316877",
                "317460705606065930337357873444419032854",
                "22211685237769324778665279359871263565",
                "41088019058332385618989110578566294914",
                "155381852536936527875410613708669712708",
                "47780818950179183007580105816750554121"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "plugins/libarchive/libarchiveplugin.cpp"
        }
    },
    {
        "source": "https://github.com/kde/ark/commit/8bf8c5ef07b0ac5e914d752681e470dea403a5bd",
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2020-24654-9152fb74",
        "signature_version": "v1",
        "digest": {
            "length": 144.0,
            "function_hash": "162839930763540093723269469660633470842"
        },
        "target": {
            "function": "LibarchivePlugin::extractionFlags",
            "file": "plugins/libarchive/libarchiveplugin.cpp"
        }
    }
]