PT-2023-4600 · Libarchive

Xypiieo · Published 2023-05-29 · Updated 2025-01-14 · CVE-2023-30571

CVSS v3.1: 5.3 (Medium)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
Name of the Vulnerable Software and Affected Versions: Libarchive versions 3.6.2 and earlier
Description: The issue is a race condition around the umask() call in archive_write_disk_posix.c. umask() has no read-only form, so the current mask can only be read by setting a new one and restoring the old value, and the setting applies to the whole process, not just the calling thread. For the short window between the two calls every thread in the process creates files and directories with no umask applied, and if another thread reads or changes the umask inside that window the restore can reinstate the temporary value, leaving the process umask permanently 0. Directories that libarchive then creates implicitly get mode 0777 without the sticky bit, so any low-privileged local user can delete or rename files inside them.
Recommendations: For Libarchive versions 3.6.2 and earlier, update to a version later than 3.6.2. Until that is possible, note that the race requires another thread in the same process: single-threaded extraction is not exposed, whereas a multithreaded process that runs the write-to-disk code (archive_write_disk_posix.c) while other threads create files or touch the umask is. Avoid extracting archives to disk from such processes where you can, check directories created by extraction for world-writable permissions without the sticky bit and tighten them, and restrict access to directories that may already have been affected.
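The interleaving described above and the hardening the recommendations imply, as an added example that is not libarchive's own code. The two functions, their names, and the use of a temporary directory under /tmp are this example's assumptions. The first function runs the two threads' steps in one thread, in the order a bad schedule would interleave them, so the outcome is deterministic; the second shows why a directory created under the leftover umask is world-writable and how setting the mode explicitly with chmod() after mkdir() removes the dependence on the process umask.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Added example, not libarchive code. umask() has no read-only form: the
 * usual way to read the process umask is old = umask(0); umask(old);.
 * That is a read-modify-write on process-wide state. If two threads run it
 * at the same time, the schedule below leaves the umask at 0 for good.
 * The steps are executed here in one thread, in the order a bad schedule
 * would interleave them, so the result is reproducible.
 */
mode_t interleaved_umask_read(mode_t initial)
{
    umask(initial);                   /* process starts with a sane umask    */
    mode_t a_old = umask(0);          /* thread A: reads 'initial', sets 0   */
    mode_t b_old = umask(0);          /* thread B: reads A's temporary 0     */
    umask(a_old);                     /* thread A: restores 'initial'        */
    umask(b_old);                     /* thread B: "restores" 0, permanently */
    mode_t leftover = umask(initial); /* read what was left; put it back     */
    return leftover;                  /* 0, not 'initial'                    */
}

/*
 * Create <tmpdir>/sub with mkdir(..., 0777) under a given process umask and
 * return the permission bits the directory ended up with, or -1 on error.
 * explicit_mode < 0: rely on the umask, as implicit directory creation does.
 * explicit_mode >= 0: chmod() to that mode after mkdir(), so the result no
 * longer depends on whatever the process umask happens to be at the time.
 * Hypothetical helper for this example; assumes /tmp is writable.
 */
int created_dir_mode(mode_t process_umask, int explicit_mode)
{
    char parent[] = "/tmp/umaskdemo.XXXXXX";
    char sub[sizeof parent + 8];
    struct stat st;
    int result = -1;

    if (mkdtemp(parent) == NULL)
        return -1;
    snprintf(sub, sizeof sub, "%s/sub", parent);

    mode_t saved = umask(process_umask);
    if (mkdir(sub, 0777) == 0) {
        if (explicit_mode >= 0 && chmod(sub, (mode_t)explicit_mode) != 0)
            result = -1;
        else if (stat(sub, &st) == 0)
            result = (int)(st.st_mode & 07777);
        rmdir(sub);
    }
    umask(saved);
    rmdir(parent);
    return result;
}

int main(void)
{
    printf("umask left after interleaved reads: %04o\n",
           (unsigned)interleaved_umask_read(022));
    printf("mkdir 0777 with umask 022:          %04o\n", created_dir_mode(022, -1));
    printf("mkdir 0777 with umask 0 (raced):    %04o\n", created_dir_mode(0, -1));
    printf("mkdir 0777 + chmod 0755, umask 0:   %04o\n", created_dir_mode(0, 0755));
    return 0;
}
```

The point of the second function is that a multithreaded program cannot read the umask safely through umask() at all, because any read is a write visible to every other thread. Code that needs a specific directory mode should set it explicitly after creation (chmod() or fchmod()) rather than derive it from the mask; on Linux 4.7 and later the mask can also be read without modifying it from the "Umask:" line of /proc/self/status.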

Fix

Weakness Enumeration

Race Condition (CWE-362)

Related Identifiers

ALT-PU-2024-13156
ALT-PU-2024-13375
BDU:2023-05007
CVE-2023-30571
ECHO-5552-CE75-412D

Affected Products

Alt Linux
Debian
Libarchive
Red Os