32.Lock Code Circular

A dangerous vulnerability has been discovered in the default Linux KDE extraction utility called ARK that allows malicious actors to overwrite files or execute code on victims' computers by tricking them into downloading an archive and extracting it. 

 

KDE is a desktop environment found in Linux distributions such as OpenSUSE, Kali, KUbuntu, and others that offers a graphical user interface to the operating system.

Discovered by security researcher Dominik Penner of Hackers for Change, a path traversal vulnerability has been found in the default ARK archive utility that allows malicious actors to perform remote code execution by distributing malicious archives.