Specially crafted tar file can grant access to restricted files or directories
CVE-2024-0406

6.1MEDIUM

Key Information:

Status
Red Hat Openshift Container Platform 4.18
Red Hat Advanced Cluster Security 3
Red Hat Advanced Cluster Security 4
Vendor
CVE Published:
6 April 2024

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-0406-POC
Created by walidpyh

References

https://access.redhat.com/errata/RHSA-2025:2449
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-0406
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2257749
issue-trackingx_refsource_REDHAT

EPSS Score

7% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

This issue was discovered by Stefan Cornelius (Red Hat).
.