Описание
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libtar | removed | package | ||
| libtar | fixed | 1.2.20-8+deb12u1 | bookworm | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2121292
(not-upstream) patch from OpenEuler: https://gitee.com/src-openeuler/libtar/blob/master/openEuler-CVE-2021-33643-CVE-2021-33644.patch
EPSS
Связанные уязвимости
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
EPSS