10 matches found
GHSA-GCHP-Q4R4-X4FF tar-rs incorrectly ignores PAX size headers if header size is nonzero
Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...
tar-rs incorrectly ignores PAX size headers if header size is nonzero
Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...
DEBIAN-CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
RUSTSEC-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero
Versions 0.4.44 and below of tar-rs have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518astral-cve, the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the...
kernel: erspan: make sure erspan_base_hdr is present in skb->head
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head The Linux kernel CVE team has assigned CVE-2024-35888 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35888-1e04@gregkh/T...
kernel: erspan: make sure erspan_base_hdr is present in skb->head
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head The Linux kernel CVE team has assigned CVE-2024-35888 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35888-1e04@gregkh/T...
UBUNTU-CVE-2024-35888
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head syzbot reported a problem in ip6erspanrcv 1 Issue is that ip6erspanrcv and erspanrcv no longer make sure erspanbasehdr is present in skb linear part skb-head before getting...
CVE-2007-6631
Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via 1 a reply that begins with a long version string, which triggers an overflow in handlertsppkt in rtsphandlers.c; long headers that trigger overflows in 2 sendpauserequest, 3...