162 matches found
CVE-2021-33644 affecting package libtar for versions less than 1.2.20-11
CVE-2021-33644 affecting package libtar for versions less than 1.2.20-11. A patched version of the package is available...
CVE-2021-33643 affecting package libtar for versions less than 1.2.20-11
CVE-2021-33643 affecting package libtar for versions less than 1.2.20-11. A patched version of the package is available...
CVE-2021-33640 affecting package libtar for versions less than 1.2.20-11
CVE-2021-33640 affecting package libtar for versions less than 1.2.20-11. A patched version of the package is available...
CVE-2021-33646 affecting package libtar for versions less than 1.2.20-11
CVE-2021-33646 affecting package libtar for versions less than 1.2.20-11. A patched version of the package is available...
K000135439: libtar vulnerabilities CVE-2021-33643, CVE-2021-33644, CVE-2021-33645, CVE-2021-33646
Security Advisory Description CVE-2021-33643 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. CVE-2021-33644 An attacker who submits a crafted tar file with size in...
Oracle Linux 8 : libtar (ELSA-2023-2898)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2898 advisory. - fix use-after-free bugs introduced by incorrect memleak fixes CVE-2021-33640 - fix memory leaks through gnu_long{name,link} CVE-2021-33645 CVE-2021-3364...
Critical Photon OS Security Update - PHSA-2023-5.0-0010
Updates of 'apr', 'libtar', 'libksba', 'strongswan', 'containerd', 'emacs' packages of Photon OS have been released...
AlmaLinux 8 : libtar (ALSA-2023:2898)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2898 advisory. - An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a calling of malloc(0) for a variable gnu_longlink,...
RHEL 8 : libtar (RHSA-2023:2898)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:2898 advisory. The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the...
libtar: out-of-bounds read in gnu_longlink
A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with the size in the header struct being 0 to trigger a calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...
libtar: out-of-bounds read in gnu_longname
A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with size in header struct being 0 to trigger a calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read...
libtar: memory leak found in th_read() function
A flaw was found in libtar. This security vulnerability occurs because the th_read() function in libtar doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak...
libtar: memory leak found in th_read() function
A flaw was found in libtar. This security vulnerability occurs because the th_read() function in libtar doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak...
CentOS 8 : libtar (CESA-2023:2898)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:2898 advisory. - An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a calling of malloc(0) for a variable gnu_longlink...
ALSA-2023:2898 Moderate: libtar security update
The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Security Fixes: libtar: out-of-bounds read in gnu_longlink CVE-2021-33643 libtar: out-of-bounds read in gnu_longname...
Moderate: libtar security update
The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Security Fixes: libtar: out-of-bounds read in gnu_longlink CVE-2021-33643 libtar: out-of-bounds read in gnu_longname...
Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1753)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
EulerOS Virtualization 3.0.2.0 : libtar (EulerOS-SA-2023-1753)
According to the versions of the libtar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a calling of malloc(0) for a...
EulerOS 2.0 SP11 : libtar (EulerOS-SA-2023-1585)
According to the versions of the libtar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list function, it continues to use pointer ...
Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1585)
The remote host is missing an update for the Huawei EulerOS...