AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename function in wgtpkg-zip.c validates ZIP entry names but does not check for dot notation directory traversal sequences it only blocks absolute paths. The zread extraction function uses openat(workdirfd, filename, O_CREAT) which resolves dot notation values relative to the work directory, allowing files to be written anywhere on the filesystem. Critically, in function install_widget in file wgtpkg-install.c, extraction via zread occurs BEFORE signature verification via check_all_signatures. Even if signature verification fails, the error cleanup (remove_workdir) only deletes the temporary work directory files written outside via path traversal persist permanently.
The `is_valid_filename` function in the `wgtpkg-zip.c` file verifies ZIP archive entry names, but only blocks absolute paths — it does not check sequences containing dot notation (e.g., `../`). The `zread` function performs extraction using `openat(workdirfd, filename, O_CREAT)`, which resolves relative paths outside the working directory and enables files to be written anywhere on the system. The critical TOCTOU race condition lies in the `install_widget` function (in `wgtpkg-install.c`) where file extraction by `zread` occurs BEFORE signature verification by `check_all_signatures`. Even if signature verification fails, the cleanup procedure `remove_workdir` only removes files from the temporary directory — files written outside it via path traversal remain on the file system permanently.
An unauthenticated attacker can write arbitrary files to any location on the device's file system, which in practice enables permanent system takeover, privilege escalation, or malicious code injection — even if the supplied widget has an invalid signature.
Apply patches available from the manufacturer according to the references. Temporarily restrict widget installation to trusted, authenticated sources and monitor the integrity of critical file system resources. It is recommended to monitor the project repository at https://gerrit.automotivelinux.org/gerrit/src/app-framework-main to obtain current fixes.
AGL app-framework-main in versions up to and including 17.1.12.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLinuxfoundation Automotive Grade Linux
OSLinuxfoundation≤ 17.1.12
Related vulnerabilities
AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the su...
AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervis...
AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The send_dia...
AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_c...
In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishan...