CVE-2021-33645

Опубликовано: 10 авг. 2022

Источник: debian

Описание

The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

Пакет	Статус	Версия исправления	Релиз	Тип
libtar	removed			package
libtar	fixed	1.2.20-8+deb12u1	bookworm	package

https://bugzilla.redhat.com/show_bug.cgi?id=2121295
(not-upstream) patch from OpenEuler: https://gitee.com/src-openeuler/libtar/blob/master/openEuler-CVE-2021-33645-CVE-2021-33646.patch

CVE-2021-33645

CVSS3: 7.5

ubuntu

почти 3 года назад

The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

CVE-2021-33645

CVSS3: 7.5

redhat

почти 3 года назад

The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

CVE-2021-33645

CVSS3: 7.5

nvd

почти 3 года назад

The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

CVE-2021-33645

CVSS3: 7.5

msrc

почти 3 года назад

Описание отсутствует

GHSA-j8q5-rwmr-9hg8

CVSS3: 7.5

github

почти 3 года назад

The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.