Vulnerability Description
An issue was discovered in Wind River VxWorks 6.9 and 7. The `tarExtract` function implements TAR archive extraction and, in doing so, also processes archive members whose names are absolute paths or relative paths that lead outside the extraction directory. A developer calling `tarExtract` may reasonably expect it to strip leading slashes from absolute paths and to refuse, or at least stop at, members that resolve outside the extraction path unless explicitly forced to extract them. It does not, and this behaviour is undocumented. Extracting an untrusted archive can therefore write files outside the intended extraction directory (directory traversal), with whatever consequences follow from the files that get created or overwritten.
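The check a caller of `tarExtract` would want is the one the description says a developer expects: reject absolute member names and any member whose path climbs out of the extraction directory, before anything touches the file system. The following is an added example written for this page, not Wind River code and not `tarExtract` itself; it assumes the POSIX ustar header layout (name at offset 0, size at 124, checksum at 148, magic at 257, prefix at 345), and the three-entry archive it scans is constructed in memory purely for the demonstration.

```c
/* Added example: a ustar archive walker that classifies every entry path
 * before extraction. Not Wind River code and not tarExtract itself; header
 * offsets follow POSIX ustar, and the sample archive is constructed here. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TAR_BLOCK 512

enum entry_verdict { ENTRY_SAFE = 0, ENTRY_ABSOLUTE = 1, ENTRY_TRAVERSAL = 2 };

/* Reject absolute names and any ".." component. Every ".." is rejected, not
 * only those whose depth nets below the root: a symlink entry extracted
 * earlier can make "a/../b" resolve outside the extraction directory. */
enum entry_verdict classify_entry_name(const char *name)
{
    const char *p = name;
    if (name[0] == '/')
        return ENTRY_ABSOLUTE;
    for (;;) {
        const char *end = strchr(p, '/');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return ENTRY_TRAVERSAL;
        if (end == NULL)
            return ENTRY_SAFE;
        p = end + 1;
    }
}

/* Full path = prefix "/" name when the ustar magic is present and prefix is set. */
static void header_path(const unsigned char *hdr, char *out, size_t cap)
{
    char name[101], prefix[156];
    memcpy(name, hdr, 100);         name[100] = '\0';
    memcpy(prefix, hdr + 345, 155); prefix[155] = '\0';
    if (memcmp(hdr + 257, "ustar", 5) == 0 && prefix[0] != '\0')
        snprintf(out, cap, "%s/%s", prefix, name);
    else
        snprintf(out, cap, "%s", name);
}

static int block_is_zero(const unsigned char *b)
{
    for (int i = 0; i < TAR_BLOCK; i++) if (b[i]) return 0;
    return 1;
}

/* Walk the archive and count entries that would escape the extraction root.
 * Data blocks are skipped using the 12-byte octal size field at offset 124. */
int count_unsafe_entries(const unsigned char *buf, size_t len)
{
    int unsafe = 0;
    size_t off = 0;
    while (off + TAR_BLOCK <= len && !block_is_zero(buf + off)) {
        const unsigned char *hdr = buf + off;
        char path[256], szbuf[13];
        header_path(hdr, path, sizeof path);
        if (classify_entry_name(path) != ENTRY_SAFE)
            unsafe++;
        memcpy(szbuf, hdr + 124, 12); szbuf[12] = '\0';
        unsigned long size = strtoul(szbuf, NULL, 8);
        if (size > len)                       /* malformed or truncated archive */
            break;
        size_t data_blocks = (size + TAR_BLOCK - 1) / TAR_BLOCK;
        if (data_blocks > (len - off) / TAR_BLOCK)
            break;
        off += TAR_BLOCK + data_blocks * TAR_BLOCK;
    }
    return unsafe;
}

/* Write one ustar header for an empty regular file called `name`. */
static void put_header(unsigned char *hdr, const char *name)
{
    unsigned sum = 0;
    memset(hdr, 0, TAR_BLOCK);
    strncpy((char *)hdr, name, 100);
    memcpy(hdr + 100, "0000644", 8);      /* mode */
    memcpy(hdr + 124, "00000000000", 12); /* size: 0 bytes */
    hdr[156] = '0';                        /* typeflag: regular file */
    memcpy(hdr + 257, "ustar", 6);         /* magic, NUL-terminated */
    memcpy(hdr + 263, "00", 2);            /* version */
    memset(hdr + 148, ' ', 8);             /* checksum field counts as spaces */
    for (int i = 0; i < TAR_BLOCK; i++) sum += hdr[i];
    snprintf((char *)hdr + 148, 8, "%06o", sum);
    hdr[155] = ' ';
}

/* Constructed sample: one benign entry, one absolute, one traversing. */
size_t build_sample_archive(unsigned char *out, size_t cap)
{
    static const char *names[] = { "etc/config.txt", "/etc/passwd", "../../etc/shadow" };
    size_t n = sizeof names / sizeof names[0];
    size_t need = (n + 2) * TAR_BLOCK;     /* entries plus two end-of-archive blocks */
    if (cap < need) return 0;
    for (size_t i = 0; i < n; i++) put_header(out + i * TAR_BLOCK, names[i]);
    memset(out + n * TAR_BLOCK, 0, 2 * TAR_BLOCK);
    return need;
}

int main(void)
{
    unsigned char archive[8 * TAR_BLOCK];
    size_t len = build_sample_archive(archive, sizeof archive);
    printf("%zu bytes, %d unsafe entries\n", len, count_unsafe_entries(archive, len));
    return 0;
}
```

Two design points worth carrying into a real pre-filter: scan the whole archive and refuse it entirely if any entry fails, since by the time a bad member is reached during extraction the earlier ones have already been written; and apply the same classification to symlink and hardlink targets, which this example does not do, because a link pointing outside the root is an equally effective escape.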
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wind River | VxWorks | 6.9 and 7 |
Related Weaknesses (CWE)
None listed on this page. The behaviour described is a directory traversal, i.e. CWE-22 (Improper Limitation of a Pathname to a Restricted Directory).
References
- https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346 (Patch, Vendor Advisory)
- https://support2.windriver.com/index.php?page=security-notices (Vendor Advisory)
- https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-travers (Exploit, Technical Description, Third Party Advisory)
FAQ
What is CVE-2023-38346?
CVE-2023-38346 is a directory traversal vulnerability in the `tarExtract` function of Wind River VxWorks 6.9 and 7, with a CVSS base score of 8.8 (HIGH). Archive members with absolute paths or `..` components are extracted as-is rather than stripped or rejected, so a crafted archive can place files outside the intended extraction directory; see the description above.
How severe is CVE-2023-38346?
CVE-2023-38346 has been rated HIGH with a CVSS base score of 8.8/10. This page gives only the base score; the full metric vector is in the Wind River advisory linked in the references.
Is there a patch for CVE-2023-38346?
Check the references section above for the Wind River advisory and patch information. Affected products: Wind River VxWorks 6.9 and 7.