19 matches found
JLSEC-2026-185
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
GNU tar mishandled extension attributes in a PAX archive
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
Linux Distros Unpatched Vulnerability : CVE-2023-39804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-39804 Note that Nessus relies o...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from eaget not properly handling the large size extension attribute, which could lead to a buffer overflow...
openSUSE Security Advisory (SUSE-SU-2024:0070-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
In GNU tar before 1.35 mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.
...
ROS-20240425-02
A vulnerability in the GNU Tar archiver is related to improper handling of extension attributes in the PAX archive. Exploitation of the vulnerability could allow an attacker acting remotely to transmit special data to the application and cause a denial of service. special data to the application...
EulerOS Virtualization 2.10.1 : tar (EulerOS-SA-2024-1558)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-3980...
DEBIAN-CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
AZL-52625 CVE-2023-39804 affecting package tar for versions less than 1.34-3
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
CVE-2023-39804
CVE-2023-39804 corresponds to a GNU tar issue where mishandled extension attributes in a PAX archive can crash an application via xheader.c. The connected IBM bulletin maps this CVE to IBM API Connect onPrem v12 (12.1.0.0) and lists remediation by upgrading to v12.1.0.1. The IBM advisory presents...
CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
SUSE CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
UBUNTU-CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
PT-2023-27111 · Gnu +5 · Gnu Tar +5
Name of the Vulnerable Software and Affected Versions: GNU tar versions prior to 1.35 Description: The issue arises from mishandled extension attributes in a PAX archive, which can cause an application crash in xheader.c. Recommendations: For GNU tar versions prior to 1.35, update to version 1.35...