pacman: silent downgrade

ID ASA-201507-23
Type archlinux
Reporter Arch Linux
Modified 2015-07-29T00:00:00


A flaw has been discovered in pacman that can lead to a silent package downgrade when exploited. While loading each package, pacman did not ensure that the version recorded inside the package matches the version expected from the sync database, so the version check could be circumvented. An attacker can use this to trick pacman into installing an older version. The issue can be exploited by a man-in-the-middle serving a specially crafted database tarball that advertises a higher version while actually delivering a previously shipped, older and vulnerable package.
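The following is an added illustration, not pacman's code and not part of the advisory: a small Python model of the consistency check the advisory says was missing. It parses a constructed sync-database `desc` entry and a constructed `.PKGINFO` from the delivered archive, decides whether an upgrade is due with a simplified version comparison (an approximation of pacman's vercmp written for this example), and shows that without the check the archive's own, older version is what ends up installed, while with the check the mismatch is rejected. The package name, versions and file contents are made up for the demonstration.

```python
import re

# --- Constructed sample data (not from the advisory) -------------------------
# A crafted sync-database 'desc' entry advertising examplepkg 2.0-1.
CRAFTED_DESC = """%NAME%
examplepkg

%VERSION%
2.0-1

%FILENAME%
examplepkg-2.0-1-x86_64.pkg.tar.xz
"""
# .PKGINFO from the archive actually delivered: a previously shipped 1.0-1.
OLD_PKGINFO = """pkgname = examplepkg
pkgver = 1.0-1
arch = x86_64
"""
# .PKGINFO from a genuine 2.0-1 archive, for the legitimate-upgrade case.
NEW_PKGINFO = """pkgname = examplepkg
pkgver = 2.0-1
arch = x86_64
"""


class PackageMismatch(Exception):
    """Raised when a package's internal metadata disagrees with the database."""


def parse_desc(text):
    """Parse a sync-database 'desc' entry: %KEY% headers followed by value lines."""
    fields, key = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if line.startswith("%") and line.endswith("%"):
            key = line.strip("%")
            fields.setdefault(key, [])
        elif key is not None:
            fields[key].append(line)
    return fields


def parse_pkginfo(text):
    """Parse the 'key = value' lines of a .PKGINFO file shipped inside a package."""
    info = {}
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        info.setdefault(key.strip(), []).append(value.strip())
    return info


def _segments(v):
    """Split a version string into numeric and alphabetic runs, ints for numbers."""
    return [int(s) if s.isdigit() else s for s in re.findall(r"\d+|[A-Za-z]+", v)]


def _cmp_segments(x, y):
    for sx, sy in zip(x, y):
        if sx == sy:
            continue
        if isinstance(sx, int) and isinstance(sy, int):
            return -1 if sx < sy else 1
        if isinstance(sx, int):      # a numeric segment sorts after an alphabetic one
            return 1
        if isinstance(sy, int):
            return -1
        return -1 if sx < sy else 1
    return (len(x) > len(y)) - (len(x) < len(y))


def vercmp(a, b):
    """Simplified [epoch:]pkgver[-pkgrel] comparison (-1, 0, 1); an approximation
    of pacman's vercmp written for this example, not pacman's implementation."""
    def split(v):
        epoch, sep, rest = v.partition(":")
        if not sep:
            epoch, rest = "0", v
        pkgver, _, pkgrel = rest.partition("-")
        return int(epoch), _segments(pkgver), _segments(pkgrel)
    ea, va, ra = split(a)
    eb, vb, rb = split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    c = _cmp_segments(va, vb)
    if c != 0 or not ra or not rb:   # pkgrel is only compared when both sides have one
        return c
    return _cmp_segments(ra, rb)


def check_package_matches_db(desc, pkginfo):
    """The check the advisory describes as missing: name and version recorded inside
    the delivered package must equal what the sync database advertised."""
    advertised = (desc["NAME"][0], desc["VERSION"][0])
    contained = (pkginfo["pkgname"][0], pkginfo["pkgver"][0])
    if advertised != contained:
        raise PackageMismatch("database advertises %s %s, package contains %s %s"
                              % (advertised + contained))


def install_transaction(installed_version, desc_text, pkginfo_text, enforce_check=True):
    """Return the version that ends up installed. enforce_check=False models the flawed
    behaviour: the database version drives the upgrade decision, but the version inside
    the archive is never compared against it, so whatever the archive holds is installed."""
    desc, pkginfo = parse_desc(desc_text), parse_pkginfo(pkginfo_text)
    if vercmp(desc["VERSION"][0], installed_version) <= 0:
        return installed_version          # nothing newer advertised; no transaction
    if enforce_check:
        check_package_matches_db(desc, pkginfo)
    return pkginfo["pkgver"][0]


if __name__ == "__main__":
    print("without check:", install_transaction("1.5-1", CRAFTED_DESC, OLD_PKGINFO, False))
    try:
        install_transaction("1.5-1", CRAFTED_DESC, OLD_PKGINFO)
    except PackageMismatch as e:
        print("with check: rejected,", e)
    print("genuine upgrade:", install_transaction("1.5-1", CRAFTED_DESC, NEW_PKGINFO))
```

Run stand-alone, the script shows the three outcomes: the flawed path installs 1.0-1 over an installed 1.5-1 because only the advertised database version is consulted; the checked path refuses the mismatched archive; and a genuine 2.0-1 archive still upgrades normally, since the check only compares the two versions for equality and does not change the upgrade decision itself.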