EulerOS Virtualization 2.5.3 : tar (EulerOS-SA-2019-1262)

According to the version of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of...

Tar: Denial of service

Background The Tar program provides the ability to create and manipulate tar archives. Description The sparsedumpregion function in sparse.c file in Tar allows an infinite loop using the --sparse option. Impact A local attacker could cause a Denial of Service condition by modifying a file that is...

GNU tar has been updated to fix CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...

CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...

CVE-2018-20482

CVE-2018-20482 affects GNU tar: when using --sparse, tar can enter an infinite read loop during file shrinkage, enabling a local attacker to cause a denial of service by modifying a file being archived by another user. Affected until upstream tar versions prior to the fix; remediation is to upgra...