Lucene search
+L

29 matches found

redhat
redhat
added 4 days ago4 views

libarchive: heap overflow OOB read while parsing a tar archive contains a PAX extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References6
nvd
nvd
added 6 days ago7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
attackerkb
attackerkb
added 6 days ago7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References6
cve
cve
added 6 days ago16 views

CVE-2026-15028

In libarchive, CVE-2026-15028 describes a heap overflow triggered while parsing a tar archive’s PAX extended header with a malformed SUN.holesdata sparse-file attribute. The vulnerability is exploitable remotely to cause DoS or potentially arbitrary code execution on affected systems. The root ca...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
vulnrichment
vulnrichment
added 6 days ago7 views

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
cvelist
cvelist
added 6 days ago39 views

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
redhatcve
redhatcve
added 6 days ago8 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
ptsecurity
ptsecurity
added 6 days ago8 views

PT-2026-57143

Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw in the parsing of a PAX extended header allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue specifically occurs when processi...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References11
snyk
snyk
added 2026/07/08 10:10 a.m.5 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the parsing process of a tar archive containing a PAX extended header with a malformed SUN.holesdata sparse-file attribute. An attacker can cause a heap overflow and out-of-bounds read by supplying a...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/24 9:59 a.m.9 views

CVE-2026-52944

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTLSETSPARSE FSCTLSETSPARSE in fsctlsetsparse modifies the file's sparse attribute and saves it through xattr without any permission checks. This exposes two...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
redhatcve
redhatcve
added 2026/05/27 9:3 p.m.9 views

CVE-2026-46013

A flaw was found in the Linux kernel. An issue in the memfdluo component, specifically within the putfolios cleanup path of memfdluoretrievefolios, leads to incorrect physical address conversion and a missing check for sparse file holes. This could result in incorrect memory handling, potentially...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/27 12:56 p.m.43 views

CVE-2026-46013 mm/memfd_luo: fix physical address conversion in put_folios cleanup

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

0.00107EPSS
Exploits0References2
euvd
euvd
added 2026/05/27 12:56 p.m.10 views

EUVD-2026-32310

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

5.8AI score0.00107EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in tar

In the sparse.c file of GNU Tar, before version 1.32, there was a NULL pointer dereferencing issue when parsing certain archives that contained malformed extended headers...

7.5CVSS6.6AI score0.03028EPSS
Exploits0References2
nessus
nessus
added 2026/01/14 12:0 a.m.7 views

TencentOS Server 3: go-toolset:rhel8 (TSSA-2025:1002)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:1002 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.5CVSS6.8AI score0.00489EPSS
Exploits1References3
redhat
redhat
added 2025/12/18 1:16 p.m.3 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
osv
osv
added 2024/07/12 1:55 p.m.18 views

SUSE-SU-2024:2463-1 Security update for squashfs

This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools bsc935380 - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination bsc1189936 - CVE-2021-41072: Fixed an issu...

8.1CVSS7.7AI score0.0691EPSS
Exploits2References8
susecve
susecve
added 2023/02/15 5:52 a.m.4 views

SUSE CVE-2011-2695

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...

4.9CVSS6.2AI score0.00451EPSS
Exploits1References3
nessus
nessus
added 2012/08/01 12:0 a.m.38 views

Scientific Linux Security Update : rsync on SL5.x i386/x86_64

rsync is a program for synchronizing files over a network. A flaw was found in the way the rsync daemon handled the 'filter', 'exclude', and 'exclude from' options, used for hiding files and preventing access to them from rsync clients. A remote attacker could use this flaw to bypass those...

10CVSS5.5AI score0.05442EPSS
Exploits0References2
redhat
redhat
added 2011/10/20 5:20 p.m.4 views

kernel: ext4: kernel panic when writing data to the last block of sparse file

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...

4.9CVSS5.8AI score0.00451EPSS
Exploits1References4
Rows per page
Query Builder