Directory traversal vulnerability in the read_long_names function in
libelf/elf_begin.c allows remote attackers to write to arbitrary files
to the root directory via a / (slash) in a crafted archive, as
demonstrated using the ar program.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | lib32-elfutils | < 0.161-2 | UNKNOWN |