Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.12 views

Fedora 37 : libtar (2022-88772d0a2d)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-88772d0a2d advisory. - fix use-after-free bugs introduced by incorrect memleak fixes CVE-2021-33640 Tenable has extracted the preceding description block directly from t...

9.8CVSS7.1AI score0.01431EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/06/12 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-2224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.01431EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2023/05/24 12:0 a.m.57 views

libtar security update

1.2.20-17 - fix use-after-free bugs introduced by incorrect memleak fixes CVE-2021-33640 1.2.20-16 - fix memory leaks through gnulongname,link CVE-2021-33645 CVE-2021-33646 - fix out-of-bounds read in gnulongname,link CVE-2021-33643 CVE-2021-33644...

9.8CVSS7AI score0.01431EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/24 12:0 a.m.19 views

EulerOS 2.0 SP11 : libtar (EulerOS-SA-2023-1575)

According to the versions of the libtar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list function, it continues to use pointer ...

9.8CVSS7.1AI score0.00646EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/23 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1575)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.00646EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/20 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1529)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.00646EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/20 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1554)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.00646EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.27 views

CBL Mariner 2.0 Security Update: libtar (CVE-2021-33640)

The version of libtar installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-33640 advisory. - After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list...

9.8CVSS7AI score0.00646EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1473)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.00646EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1448)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.00646EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/08 12:0 a.m.35 views

EulerOS 2.0 SP8 : libtar (EulerOS-SA-2023-1324)

According to the versions of the libtar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list function, it continues to use pointer ...

9.8CVSS7AI score0.01431EPSS
Exploits0References6
CBLMariner
CBLMariner
added 2023/02/01 6:38 p.m.33 views

CVE-2021-33640 affecting package libtar for versions less than 1.2.20-11

CVE-2021-33640 affecting package libtar for versions less than 1.2.20-11. A patched version of the package is available...

9.8CVSS9.6AI score0.00646EPSS
Exploits0
OSV
OSV
added 2023/01/06 11:4 a.m.1 views

OESA-2023-1008 libtar security update

Libtar is a C library for manipulating POSIX tar files. It handles adding and extracting files to/from a tar archive. Requires gcc, make, and zlib. Security Fixes: After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list function, it continues to...

9.8CVSS6.9AI score0.00646EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/01/02 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2022-0488)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.00646EPSS
Exploits0References4
Mageia
Mageia
added 2022/12/30 10:39 p.m.34 views

Updated libtar packages fix security vulnerability

After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list function, it continues to use pointer t: freelonglinklongnamet-thbuf . As a result, the released memory is used use-after-free. CVE-2021-33640...

9.8CVSS2.3AI score0.00646EPSS
Exploits0References2
OSV
OSV
added 2022/12/30 10:39 p.m.4 views

MGASA-2022-0488 Updated libtar packages fix security vulnerability

After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list function, it continues to use pointer t: freelonglinklongnamet-thbuf . As a result, the released memory is used use-after-free. CVE-2021-33640...

9.8CVSS6.5AI score0.00646EPSS
Exploits0References3
OSV
OSV
added 2022/12/19 4:15 p.m.8 views

AZL-12933 CVE-2021-33640 affecting package libtar for versions less than 1.2.20-11

After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list function, it continues to use pointer t: freelonglinklongnamet-thbuf . As a result, the released memory is used use-after-free...

9.8CVSS5.8AI score0.00646EPSS
Exploits0References1
CVE
CVE
added 2022/12/19 12:0 a.m.88 views

CVE-2021-33640

CVE-2021-33640 is a use-after-free in libtar after tar_close() in tar_close/t->th_buf handling (free_longlink_longname). The issue is documented across multiple advisories and scanners: EulerOS (EulerOS-SA-2023-1575/1585), TencentOS/TSSA-2023:0136, Oracle Linux ELSA-2023-2898, Fedora 2022 advi...

9.8CVSS9.1AI score0.00646EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder