Bug ID 1175475
Summary VUL-0: CVE-2020-14352: librepo: missing path validation in repomd.xml may lead to directory traversal
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.1
Hardware Other
URL https://smash.suse.de/issue/265258/
OS Other
Status NEW
Severity Major
Priority P5 - None
Component Security
Assignee christian.voegl@suse.com
Reporter rfrohl@suse.com
QA Contact security-team@suse.de
CC pth@suse.com
Found By Security Response Team
Blocker ---

rh#1866498

Librepo fails to sanitize paths in the 'repomd.xml' configuration file.
Malformed or malicious repository metadata could allow a remote attacker to
copy files outside of the destination directory via path traversal. Considering
that DNF runs as root, this flaw could potentially result in system compromise
via arbitrary file overwriting of critical system files.
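The mitigation the description points at is validating every `<location href>` in repomd.xml against the download directory before writing anything. The following is an added illustration of that check, not librepo's own code; the sample repomd.xml and the `/var/cache/dnf/repo` destination path are constructed for the example.

```python
import os
import posixpath
import xml.etree.ElementTree as ET

REPO_NS = "{http://linux.duke.edu/metadata/repo}"

# Constructed sample: one benign entry and one traversal attempt.
SAMPLE_REPOMD = """<?xml version="1.0" encoding="UTF-8"?>
<repomd xmlns="http://linux.duke.edu/metadata/repo">
  <data type="primary">
    <location href="repodata/primary.xml.gz"/>
  </data>
  <data type="filelists">
    <location href="../../etc/cron.d/evil"/>
  </data>
</repomd>
"""


def safe_relative_href(href, dest_dir="/var/cache/dnf/repo"):
    """Return the resolved destination path for href, or None if it escapes dest_dir."""
    # Reject empty values, absolute paths and URL schemes outright.
    if not href or href.startswith("/") or "://" in href:
        return None
    # Collapse "a/../b" style segments before comparing against dest_dir.
    norm = posixpath.normpath(href)
    if norm == ".." or norm.startswith("../"):
        return None
    dest_root = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest_root, norm))
    # Final check: the resolved path must still live under dest_root.
    if os.path.commonpath([dest_root, target]) != dest_root:
        return None
    return target


def check_repomd(xml_text, dest_dir="/var/cache/dnf/repo"):
    """Classify each <data> entry's location in repomd.xml as accepted or rejected."""
    root = ET.fromstring(xml_text)
    accepted, rejected = {}, {}
    for data in root.findall(f"{REPO_NS}data"):
        dtype = data.get("type")
        loc = data.find(f"{REPO_NS}location")
        href = loc.get("href") if loc is not None else None
        target = safe_relative_href(href, dest_dir)
        (accepted if target else rejected)[dtype] = href
    return accepted, rejected
```

Rejected entries are the ones a hardened client should refuse to fetch rather than silently skip, since the metadata itself is the untrusted input here.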

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1866498
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14352
https://access.redhat.com/security/cve/CVE-2020-14352
