PT-2024-3991 · Onnx+3

Published: 2024-04-07 · Updated: 2026-05-26 · CVE-2024-5187

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: onnx/onnx versions 1.16.0 through 1.16.1
Description: The issue arises from the `download_model_with_test_data` function extracting tar files without performing security checks on the member paths inside the archive. This vulnerability enables attackers to overwrite any file on the system, potentially leading to remote code execution or to the deletion of system, personal, or application files, thus impacting the integrity and availability of the system. For example, an attacker can overwrite the /home/kali/.ssh/authorized_keys file by placing a member with that absolute path in a malicious tar file.
Recommendations: For onnx/onnx versions prior to 1.16.2 (including 1.16.0 and 1.16.1), update to version 1.16.2 or later to resolve the issue. As a temporary workaround, consider disabling the `download_model_with_test_data` function until a patch is applied, and restrict access to it to minimize the risk of exploitation.
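The path check that extraction of an untrusted archive needs, as an added example (not onnx's own code or its actual fix): every member is validated before anything is written, rejecting absolute names, parent-directory traversal, and symlinks whose target resolves outside the destination. The sample archive is constructed inline; its member names are made-up illustrations.

```python
import io
import os
import tarfile
import tempfile
from pathlib import Path


def _inside(base: Path, candidate: Path) -> bool:
    """True if the resolved candidate path is base itself or lies under it."""
    return candidate == base or base in candidate.parents


def safe_extract(tar_bytes: bytes, dest: str):
    """Extract only members whose destination (and link target) stay under dest.
    Returns (extracted names, rejected names). Every check runs before extract(),
    so a member named like an absolute path never touches the filesystem."""
    base = Path(dest).resolve()
    base.mkdir(parents=True, exist_ok=True)
    extracted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for m in tar.getmembers():
            target = (base / m.name).resolve()  # normalises '..' segments
            ok = not os.path.isabs(m.name) and _inside(base, target)
            if ok and m.issym():  # the symlink target must also stay under dest
                link = (target.parent / m.linkname).resolve()
                ok = not os.path.isabs(m.linkname) and _inside(base, link)
            if ok:
                tar.extract(m, path=base)
            (extracted if ok else rejected).append(m.name)
    return extracted, rejected


def build_sample_tar() -> bytes:
    """Constructed archive: one benign member and three that must be rejected."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in [("model/data.bin", b"weights"),
                           ("/tmp/absolute_victim", b"x"),  # absolute path
                           ("../escaped.txt", b"x")]:       # parent traversal
            info = tarfile.TarInfo(name)  # TarInfo keeps the raw name, unlike add()
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        link = tarfile.TarInfo("model/link")  # symlink whose target leaves dest
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"
        tar.addfile(link)
    return buf.getvalue()


def demo():
    with tempfile.TemporaryDirectory() as d:  # returns (extracted, rejected)
        return safe_extract(build_sample_tar(), d)
```

Python 3.12 and later (and patched 3.8 to 3.11 releases) also offer `tarfile.data_filter`, which can be passed as `filter="data"` to `extract()` as defence in depth alongside checks like these.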

Exploit

Fix

RCE

Path traversal


Weakness Enumeration

Related Identifiers

AZL-50635
BDU:2024-04406
CVE-2024-5187
GHSA-6RQ9-53C3-F7VJ
PYSEC-2025-148
USN-8307-1

Affected Products

Debian
Linuxmint
Ubuntu
Onnx