EUVD-2026-10895

file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header...

GHSA-5V7R-6R5C-R473 file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header

Impact A denial of service vulnerability exists in the ASF WMV/WMA file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value becomes negative -24, causing tokenizer.ignorepayload to move the rea...

CVE-2026-31808 file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header

file-type detects the file type of a file, stream, or data. Prior to 21.3.1, a denial of service vulnerability exists in the ASF WMV/WMA file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value...

Denial Of Service (DoS)

libtar.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to an out-of-bounds read in variable gnulongname when size in header struct is set to 0 allowing an attacker to crash the system via a maliciously crafted tar file...

AZL-10542 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-10

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...

DEBIAN-CVE-2020-9308

archivereadsupportformatrar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header such as a header size of zero, leading to a SIGSEGV or possibly unspecified other impact...