4 matches found
CVE-2021-33646
CVE-2021-33646 affects the libtar library. The root cause is a memory leak in th_read() where t->th_buf.gnu_longname is not freed after allocation, as documented across multiple advisories (including Debian DLA-4033-1, CBLMariner entries, AlmaLinux ALSA-2023:2898, and OpenEuler/CNNVD reference...
CVE-2021-33643
CVE-2021-33643 is a vulnerability in the libtar library where an attacker submitting a crafted tar file with a header size of 0 can trigger a call to malloc(0) for gnu_longlink, leading to an out-of-bounds read. The issue is documented across multiple connected sources (open-source Linux distribu...
CVE-2021-33645
CVE-2021-33645 reports a memory leak in the libtar th_read() function due to not freeing t->th_buf.gnu_longlink after allocation. Connected advisories confirm this affects multiple distributions with varying affected versions (e.g., libtar ≤ 1.2.20-11 in some cases; sometimes ≤ 1.2.20-10 or 1....
CVE-2021-33644
CVE-2021-33644 affects libtar. A crafted tar header with size 0 may trigger malloc(0) for gnu_longname, causing an out-of-bounds read. Multiple third-party advisories confirm libtar updates (e.g., patched versions such as 1.2.20-11 in various distributions) as a remediation. No exploitation detai...