235 matches found
CVE-2021-33643
A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with the size in the header struct being 0 to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...
Critical Photon OS Security Update - PHSA-2022-0509
Updates of 'libtar' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2022-3.0-0437
Updates of 'libtiff', 'libtar', 'open-iscsi' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2022-0231
Updates of 'libtar', 'libtiff' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2022-4.0-0231
Updates of 'libtar', 'libtiff' packages of Photon OS have been released...
Denial Of Service (DoS)
libtar.so is vulnerable to denial of service. The vulnerability exists due to a memory leak from not freeing variable t->th_buf.gnu_longname in the function th_read, causing the system to go out of memory and crash...
AZL-10544 CVE-2021-33645 affecting package libtar for versions less than 1.2.20-10
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak...
AZL-34948 CVE-2021-33645 affecting package libtar for versions less than 1.2.20-11
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak...
AZL-34949 CVE-2021-33646 affecting package libtar for versions less than 1.2.20-11
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak...
AZL-10542 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-10
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...
AZL-10545 CVE-2021-33646 affecting package libtar for versions less than 1.2.20-10
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak...
AZL-34947 CVE-2021-33644 affecting package libtar for versions less than 1.2.20-11
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longname, causing an out-of-bounds read...
AZL-34946 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-11
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...
AZL-10543 CVE-2021-33644 affecting package libtar for versions less than 1.2.20-10
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longname, causing an out-of-bounds read...
OESA-2022-1807 libtar security update
Libtar is a C library for manipulating POSIX tar files. It handles adding and extracting files to/from a tar archive. Requires gcc, make, and zlib. Security Fixes: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a...
CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8
CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8. A patched version of the package is available...
Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2022-1078)
The remote host is missing an update for the Huawei EulerOS...
Mageia: Security Advisory (MGASA-2014-0090)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2013-0309)
The remote host is missing an update for the...
EulerOS 2.0 SP8 : libtar (EulerOS-SA-2021-2302)
According to the version of the libtar package installed, the EulerOS installation on the remote host is affected by the following vulnerability: Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attacke...