OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks…
VulnCheck·CWE-409·Published 2026-03-21
OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry blocking and extracted-size guardrails, causing local denial of service during skill installation.
### Summary

The `tar.bz2` installer path in `src/agents/skills-install-download.ts` used shell tar preflight/extract logic that did not share the same hardening guarantees as the centralized archive extractor. This allowed crafted `.tar.bz2` archives to bypass special-entry blocking and extracted-size guardrails enforced on other archive paths, causing local availability impact during skill install.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Latest published at triage time: `2026.3.1`
- Affected range: `<= 2026.3.1`
- Patched in: `2026.3.2` (released)

### Impact

Local DoS / availability impact when processing untrusted `.tar.bz2` skill archives.

### Fix Commit(s)

- `0dbb92dd2bcf9a32379d11c0f11ed016669dae3e`

### Related advisories

- Canonical overlap (closed): GHSA-3pj7-x8jr-jvj8
- Duplicate variant (closed): GHSA-rgr7-g85h-6v82
| CVSS version | Type | Source | Base score | Exploitability | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | NVD | 5.5 | 1.8 | 3.6 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| 3.1 | Primary | cve.org | 5.5 | — | — | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| 4.0 | Primary | cve.org | 6.7 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
| 4.0 | Secondary | NVD | 6.7 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |