CVE-2023-30571 in libarchive
Summary
by MITRE • 05/29/2023
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race condition could lead to implicit directory creation with permissions 0777 (without the sticky bit), which means that any low-privileged local user can delete and rename files inside those directories.
Analysis
by VulDB Data Team • 12/23/2025
The vulnerability identified as CVE-2023-30571 affects libarchive versions through 3.6.2 and represents a critical access control flaw that undermines file system security through improper permission handling. This issue stems from a race condition in the archive_write_disk_posix.c file where the umask() system call temporarily modifies the process umask for only a brief moment. The flaw occurs when multiple threads execute concurrently, allowing another thread to interfere with the umask modification process. When this race condition manifests, it can result in the umask being permanently set to 0, which effectively disables all permission restrictions. This vulnerability is particularly concerning because it directly violates fundamental security principles of file system access control and can be exploited by low-privileged users to gain unauthorized access to sensitive directories and files.
The technical implementation of this vulnerability involves the improper handling of umask values within the libarchive library's POSIX disk writing functionality. The race condition specifically occurs during the temporary umask modification process where the library attempts to set umask to a restrictive value before extracting files or directories. However, if another thread modifies the umask value during this brief window, the umask can be permanently set to 0, which translates to world-writable permissions for all newly created files and directories. The underlying issue can be categorized as a race condition vulnerability and maps to CWE-362, which specifically addresses concurrent execution issues that can lead to security flaws. This particular implementation flaw demonstrates poor thread synchronization practices and inadequate protection against concurrent access to system-level permission settings.
The operational impact of CVE-2023-30571 extends far beyond simple permission misconfiguration, as it creates a persistent security weakness that can be exploited by any local user with minimal privileges. When directories are created with 0777 permissions, they become completely accessible to all users on the system, allowing unauthorized deletion, renaming, and modification of files within those directories. This vulnerability effectively creates a backdoor for privilege escalation and data tampering, particularly in environments where libarchive is used for decompressing archives or extracting files from untrusted sources. The implications are severe for system administrators who rely on libarchive for various file management operations, as it can compromise the integrity of entire file systems and potentially provide attackers with persistent access to sensitive data. The vulnerability is especially dangerous in multi-user environments where users may not have legitimate access to certain directories but can exploit this flaw to gain unauthorized access.
Mitigation strategies for CVE-2023-30571 must address both immediate remediation and long-term architectural improvements to prevent similar race conditions in the future. The most effective immediate solution is to upgrade to libarchive version 3.6.3 or later, where the race condition has been properly addressed through improved thread synchronization mechanisms and more robust umask handling. System administrators should also implement additional monitoring and auditing of file permissions, particularly around directories that are frequently created through archive extraction operations. The vulnerability demonstrates the importance of proper synchronization in multi-threaded applications and highlights the need for defensive programming practices that prevent race conditions from affecting system-level security settings. Organizations should also consider implementing process-level restrictions and monitoring for abnormal umask changes, as these can serve as early warning indicators of similar security flaws. From an ATT&CK perspective, this vulnerability maps to T1059.007 for execution through archive extraction and T1566 for initial access through malicious archive files, making it a critical component in attack chains that leverage file system permission flaws.