Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 912652

Summary: <app-arch/rar-6.23: remote code execution
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: conikost
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews[tt_news]=232&cHash=c5bf79590657e32554c6683296a8e8aa
Whiteboard: B2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 913247    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-08-20 06:32:10 UTC 
Almost seems benign according to the upstream changelog:

"a security issue involving out of bounds write is fixed in RAR4 recovery volumes processing code.

We are thankful to goodbyeselene working with Trend Micro Zero Day Initiative for letting us know about this bug;"

ZDI advisory: https://www.zerodayinitiative.com/advisories/ZDI-23-1152/

"This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."

I haven't seen any information about whether this affects other RAR
unpackers.
Comment 1 Hans de Graaff gentoo-dev Security 2023-08-31 18:07:45 UTC 
GLSA vote: yes
Comment 2 Larry the Git Cow gentoo-dev 2023-09-17 05:32:04 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=3f97fbbdcd3a42d36e9bc91731f3b8dd278a9393

commit 3f97fbbdcd3a42d36e9bc91731f3b8dd278a9393
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-09-17 05:31:48 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-09-17 05:31:48 +0000

    [ GLSA 202309-04 ] RAR, UnRAR: Add CVE-2023-40477 too
    
    Bug: https://bugs.gentoo.org/912652
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202309-04.xml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
Comment 3 Larry the Git Cow gentoo-dev 2023-09-17 05:41:31 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=aa3a7cb5bcee7cc0d61e80a9bfed7daeeec89ba3

commit aa3a7cb5bcee7cc0d61e80a9bfed7daeeec89ba3
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-09-17 05:41:22 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-09-17 05:41:22 +0000

    [ GLSA 202309-04 ] RAR, UnRAR: Update resolution
    
    Bug: https://bugs.gentoo.org/912652
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202309-04.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)