oss-sec mailing list archives
Re: CVE Request: cpio -- directory traversal
From: Vitezslav Cizek <vcizek () suse cz>
Date: Mon, 2 Feb 2015 18:48:35 +0100
Hi,

On Friday 16 January 2015, 03:44:25 CET, Alexander Cherepanov wrote:
> Hi!
> cpio is susceptible to a directory traversal vulnerability via symlinks.

Here's a patch we have been using in SUSE for some time. It forbids writing over symlinks, similar to bsdtar. It also adds a new option "--extract-over-symlinks" to restore the original behaviour. I sent it to Sergey Poznyakoff (upstream maintainer) in July, but there was no response. Here's a corresponding bug in SUSE bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=658010

> Initial report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669
> Upstream report: https://lists.gnu.org/archive/html/bug-cpio/2015-01/msg00000.html
> Some discussion:
> http://www.openwall.com/lists/oss-security/2015/01/07/5
> http://www.openwall.com/lists/oss-security/2015/01/08/4
>
> Could CVE(s) please be assigned?
>
> --
> Alexander Cherepanov
-- Vita Cizek
Attachments: cpio-check_for_symlinks.patch; signature.asc (digital signature)
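The traversal the thread is about, and the kind of check the mail describes (refuse to write through a symlink unless explicitly allowed), as an added example that is not Cizek's patch or GNU cpio's own code. It builds a minimal newc-format cpio archive whose first entry is a symlink and whose second entry is a file whose path goes through that symlink, then extracts it once with the naive behaviour and once with a hardened default that lstat()s every path component; the extract_over_symlinks keyword is modelled on the option named in the mail. The function names, the temporary directories and the constructed archive contents are assumptions for illustration; this example only covers the symlink case, not absolute or ".." names.

```python
# Added example (not Cizek's patch or GNU cpio's own code): a minimal newc
# cpio writer/reader, an archive that plants a symlink and then a file whose
# path goes through it, and an extractor that by default refuses to write
# through symlinks. All names here are assumptions for illustration.
import os
import shutil
import stat
import tempfile

NEWC_MAGIC = b"070701"


def newc_entry(name, mode, data=b"", ino=1):
    """Serialise one newc (SVR4, no CRC) entry: 110-byte ASCII-hex header,
    NUL-terminated name padded to 4 bytes, then data padded to 4 bytes."""
    fields = [ino, mode, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(name) + 1, 0]
    head = NEWC_MAGIC + b"".join(b"%08x" % f for f in fields) + name.encode() + b"\0"
    head += b"\0" * (-len(head) % 4)
    return head + data + b"\0" * (-len(data) % 4)


def parse_newc(blob):
    """Yield (name, mode, data) per entry, stopping at the TRAILER!!! record."""
    off = 0
    while off + 110 <= len(blob):
        if blob[off:off + 6] != NEWC_MAGIC:
            raise ValueError("bad newc magic at offset %d" % off)
        f = [int(blob[off + 6 + 8 * i:off + 14 + 8 * i], 16) for i in range(13)]
        mode, size, namesize = f[1], f[6], f[11]
        name = blob[off + 110:off + 110 + namesize - 1].decode()
        off += 110 + namesize
        off += -off % 4          # header+name padding (entries start 4-aligned)
        data = blob[off:off + size]
        off += size + (-size % 4)
        if name == "TRAILER!!!":
            return
        yield name, mode, data


def extract(blob, dest, extract_over_symlinks=False):
    """Extract into dest. By default, refuse any entry whose path meets an
    existing symlink in any component (checked with lstat, never stat);
    extract_over_symlinks=True restores the naive behaviour."""
    for name, mode, data in parse_newc(blob):
        target = os.path.join(dest, name)
        if not extract_over_symlinks:
            path = dest
            for comp in name.split("/"):
                path = os.path.join(path, comp)
                if os.path.islink(path):   # islink() uses lstat: no following
                    raise PermissionError(
                        "refusing to extract %r through symlink %r" % (name, path))
        if stat.S_ISLNK(mode):
            os.symlink(data.decode(), target)   # newc stores the link target as data
        elif stat.S_ISDIR(mode):
            os.makedirs(target, exist_ok=True)
        else:
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(data)


def malicious_archive(outside_dir):
    """Constructed attacker archive: 'cfg' is a symlink to outside_dir, and the
    next entry 'cfg/owned' is a regular file, so a naive extractor writes
    outside_dir/owned instead of staying under the extraction root."""
    return (newc_entry("cfg", stat.S_IFLNK | 0o777, outside_dir.encode(), ino=1)
            + newc_entry("cfg/owned", stat.S_IFREG | 0o644, b"pwned\n", ino=2)
            + newc_entry("TRAILER!!!", 0, ino=3))


def run(extract_over_symlinks):
    """Extract the malicious archive into a fresh tree; return
    (did a file land outside the tree?, did the extractor refuse?)."""
    base = tempfile.mkdtemp(prefix="cpio-demo-")
    outside, dest = os.path.join(base, "outside"), os.path.join(base, "dest")
    os.mkdir(outside)
    os.mkdir(dest)
    try:
        extract(malicious_archive(outside), dest, extract_over_symlinks)
        refused = False
    except PermissionError:
        refused = True
    escaped = os.path.isfile(os.path.join(outside, "owned"))
    shutil.rmtree(base)
    return escaped, refused


def demo():
    """Naive mode writes outside the tree; the hardened default refuses."""
    return {"naive": run(True), "hardened": run(False)}


if __name__ == "__main__":
    print(demo())   # {'naive': (True, False), 'hardened': (False, True)}
```

The check walks the path with os.path.islink() (an lstat, so the link itself is inspected rather than what it points to) before anything is created, which is the only ordering that helps: checking after open() is too late, since the write has already followed the link. Run it on a Unix host, where symlink creation is unprivileged.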
Current thread:
- CVE Request: cpio -- directory traversal Alexander Cherepanov (Jan 15)
- Re: CVE Request: cpio -- directory traversal Lyndon Nerenberg (Jan 15)
- Re: CVE Request: cpio -- directory traversal Alexander Cherepanov (Jan 15)
- Re: CVE Request: cpio -- directory traversal cve-assign (Jan 18)
- Re: CVE Request: cpio -- directory traversal Vitezslav Cizek (Feb 02)
- Re: CVE Request: cpio -- directory traversal Alexander Cherepanov (Feb 05)
- Re: CVE Request: cpio -- directory traversal Lyndon Nerenberg (Jan 15)