Ubuntu Security Notice 2482-1 - Alexander Cherepanov discovered that libelf1 incorrectly handled certain filesystem paths while extracting ar archives. An attacker could use this flaw to perform a directory traversal attack on the root directory if the process extracting the ar archive has write access to the root directory.
0501eb5ac15bf63c79698d578fb24ba1292e1cb67bffeeaf249be1b94aca86dd