FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Multiple libarchive vulnerabilities

Affected packages
11.0 <= FreeBSD < 11.0_1
10.3 <= FreeBSD < 10.3_10
10.2 <= FreeBSD < 10.2_23
10.1 <= FreeBSD < 10.1_40

Details

VuXML ID 1a71a972-8ee7-11e6-a590-14dae9d210b8
Discovery 2016-10-05
Entry 2016-10-10

Problem Description:

Flaws in libarchive's handling of symlinks and hard links allow overwriting files outside the extraction directory, or permission changes to a directory outside the extraction directory.

Impact:

An attacker who can control freebsd-update's or portsnap's input to tar can change file content or permisssions on files outside of the update tool's working sandbox.

References

FreeBSD Advisory SA-16:31.libarchive