Source: onnx
Version: 1.14.1-2.1
Severity: important
Tags: security upstream
Forwarded: https://github.com/onnx/onnx/pull/6164
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerability was published for onnx.

CVE-2024-5187[0]:
| A vulnerability in the `download_model_with_test_data` function of
| the onnx/onnx framework, version 1.16.0, allows for arbitrary file
| overwrite due to inadequate prevention of path traversal attacks in
| malicious tar files. This vulnerability enables attackers to
| overwrite any file on the system, potentially leading to remote code
| execution, deletion of system, personal, or application files, thus
| impacting the integrity and availability of the system. The issue
| arises from the function's handling of tar file extraction without
| performing security checks on the paths within the tar file, as
| demonstrated by the ability to overwrite the
| `/home/kali/.ssh/authorized_keys` file by specifying an absolute
| path in the malicious tar file.

If you fix the vulnerability, please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-5187
    https://www.cve.org/CVERecord?id=CVE-2024-5187
[1] https://github.com/onnx/onnx/pull/6164
[2] https://github.com/onnx/onnx/commit/3fc3845edb048df559aa2a839e39e95503a0ee34

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
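The CVE text above describes the classic tar path-traversal pattern: the extractor lets the archive's member names decide where files land. As an added illustration, not part of this report, not onnx's code and not necessarily the check that upstream PR 6164 applied, the Python below builds a malicious archive in memory (one member with an absolute path, as in the CVE description, one with `..`), computes where a filter-less `extractall` would write each member without actually doing so, and shows an extraction wrapper that validates every member's target (and link target) against the destination before touching the filesystem. All paths, member names and the key payload are constructed for the example; the "victim" path stays inside a scratch directory.

```python
"""Added example (not onnx's code): where unchecked tar extraction writes,
and a path-checked extraction that refuses such archives."""
import io
import os
import tarfile
import tempfile

# Constructed payload for this example; stands in for an attacker's key.
PAYLOAD = b"ssh-ed25519 AAAAC3... attacker@example\n"


def build_tar(member_names) -> bytes:
    """Build a tar in memory with one regular file per name, paths kept verbatim.

    TarInfo(name=...) keeps a leading '/', unlike TarFile.add(), which strips it,
    so this reproduces what a hand-crafted malicious archive actually carries.
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in member_names:
            info = tarfile.TarInfo(name=name)
            info.size = len(PAYLOAD)
            tar.addfile(info, io.BytesIO(PAYLOAD))
    return buf.getvalue()


def extractall_targets(tar_bytes: bytes, dest: str) -> dict:
    """Where a filter-less extractall would place each member (computed, not
    performed). os.path.join(dest, name) discards dest when name is absolute,
    and realpath shows a '..' component climbing out of dest."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        return {m.name: os.path.realpath(os.path.join(dest, m.name))
                for m in tar.getmembers()}


def _within(root_real: str, path: str) -> bool:
    """True if `path`, after resolving '..' and symlinks, stays under root_real."""
    path_real = os.path.realpath(path)
    return os.path.commonpath([root_real, path_real]) == root_real


def escaping_members(tar: tarfile.TarFile, dest: str) -> list:
    """Names of members whose extraction target or link target leaves `dest`."""
    dest_real = os.path.realpath(dest)
    bad = []
    for m in tar.getmembers():
        target = os.path.join(dest, m.name)
        if not _within(dest_real, target):
            bad.append(m.name)
            continue
        if m.issym() or m.islnk():
            # Symlink targets are relative to the link's own directory; hardlink
            # targets are archive-relative. Either can point outside dest.
            base = os.path.dirname(target) if m.issym() else dest
            if not _within(dest_real, os.path.join(base, m.linkname)):
                bad.append(m.name)
    return bad


def safe_extract(tar_bytes: bytes, dest: str) -> list:
    """Hardened form: validate every member before writing anything."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        bad = escaping_members(tar, dest)
        if bad:
            raise ValueError("refusing to extract members escaping %r: %s" % (dest, bad))
        if hasattr(tarfile, "data_filter"):
            # Python >= 3.12 (and security backports): the stdlib 'data' filter
            # also rejects absolute paths and '..'; keep it as a second layer.
            tar.extractall(dest, filter="data")
        else:
            tar.extractall(dest)
        return [m.name for m in tar.getmembers()]


def demo() -> dict:
    """Run a malicious and a benign archive against a scratch directory."""
    with tempfile.TemporaryDirectory() as scratch:
        dest = os.path.join(scratch, "models")
        os.mkdir(dest)
        # Stand-in for the authorized_keys target named in the CVE text.
        victim = os.path.join(scratch, "home", "user", ".ssh", "authorized_keys")
        evil = build_tar([victim, "../escaped.txt", "model/model.onnx"])
        benign = build_tar(["model/model.onnx", "model/test_data_set_0/input_0.pb"])

        dest_real = os.path.realpath(dest) + os.sep
        targets = extractall_targets(evil, dest)
        with tarfile.open(fileobj=io.BytesIO(evil)) as tar:
            flagged = escaping_members(tar, dest)
        try:
            safe_extract(evil, dest)
            refused = False
        except ValueError:
            refused = True
        extracted = safe_extract(benign, dest)
        return {
            "victim_would_land_outside_dest": not targets[victim].startswith(dest_real),
            "dotdot_would_land_outside_dest": not targets["../escaped.txt"].startswith(dest_real),
            "flagged_count": len(flagged),
            "victim_flagged": victim in flagged,
            "dotdot_flagged": "../escaped.txt" in flagged,
            "evil_refused": refused,
            "benign_extracted": sorted(extracted),
            "benign_file_exists": os.path.isfile(os.path.join(dest, "model", "model.onnx")),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

Checking the whole member list before extracting anything matters: a check performed per member during extraction can be defeated by an earlier member that plants a symlink inside the destination for a later member to write through, which is why link targets are validated too. The stdlib `filter="data"` gives equivalent protection only on interpreters that have it, so code that must run on older Pythons needs the explicit check.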