39 matches found
Memory corruption
The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...
UBUNTU-CVE-2021-33645
The thread function doesn’t free a variable t-thbuf.gnulonglink after allocating memory, which may cause a memory leak...
CVE-2021-33645
The thread function doesn’t free a variable t-thbuf.gnulonglink after allocating memory, which may cause a memory leak...
CVE-2021-33645
The thread function doesn’t free a variable t-thbuf.gnulonglink after allocating memory, which may cause a memory leak...
CVE-2021-33646
The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...
CVE-2021-33646
The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...
openEuler 安全漏洞
openEuler is an operating system from the Open Atomics Open Source Foundation. A security vulnerability exists in versions 20.03-LTS-SP1, 20.03-LTS-SP3, and 22.03-LTS of openEuler, which stems from the thread function not freeing the variable t-thbuf.gnulonglink after allocating memory, which cou...
CVE-2021-33646
The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...
CVE-2021-33646
The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...
CVE-2021-33645
The thread function doesn’t free a variable t-thbuf.gnulonglink after allocating memory, which may cause a memory leak...
CVE-2021-33645
The thread function doesn’t free a variable t-thbuf.gnulonglink after allocating memory, which may cause a memory leak...
CVE-2021-33645
CVE-2021-33645 reports a memory leak in the libtar th_read() function due to not freeing t->th_buf.gnu_longlink after allocation. Connected advisories confirm this affects multiple distributions with varying affected versions (e.g., libtar ≤ 1.2.20-11 in some cases; sometimes ≤ 1.2.20-10 or 1....
CVE-2021-33646
CVE-2021-33646 affects the libtar library. The root cause is a memory leak in th_read() where t->th_buf.gnu_longname is not freed after allocation, as documented across multiple advisories (including Debian DLA-4033-1, CBLMariner entries, AlmaLinux ALSA-2023:2898, and OpenEuler/CNNVD reference...
Denial Of Service (DoS)
libtar.so is vulnerable to denial of service DoS. It is possible because the thread function in lib/block.c does not check the name and link parameters in archive, allowing the attackers to cause heap-based buffer overflow...
Denial Of Service (DoS)
libtar.so is vulnerable to denial of service DoS. It is possible because the thread function in lib/block.c does not check the name and link parameters in archive, allowing the attackers to cause heap-based buffer overflow...
libtar: Arbitraty code execution
Background libtar is a C library for manipulating POSIX tar files. Description An integer overflow error within the “thread” function when processing long names or link extensions can be exploited to cause a heap-based buffer overflow via a specially crafted archive. Impact A remote attacker coul...
UBUNTU-CVE-2013-4397
Multiple integer overflows in the thread function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 name or 2 link in an archive, which triggers a heap-based buffer overflow...
CVE-2013-4397
Multiple integer overflows in the thread function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 name or 2 link in an archive, which triggers a heap-based buffer overflow...
libtar: Heap-based buffer overflows by expanding a specially-crafted archive
Multiple integer overflows in the thread function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 name or 2 link in an archive, which triggers a heap-based buffer overflow...