Уязвимость функции from_header (list.c) архиватора GNU Tar, связанная с чтением за пределами памяти, позволяющая нарушителю получить доступ к конфиденциальным данным

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ...

Security update for tar

Security update for tar

Уязвимость GNU Tar

Moderate: tar security update

Moderate: tar security update

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.

ELSA-2023-0959: tar security update (MODERATE)

ELSA-2023-0842: tar security update (MODERATE)