4 matches found

CVE, added 2022/08/09 12:0 a.m., 119 views

CVE-2021-33646

CVE-2021-33646 affects the libtar library. The root cause is a memory leak in th_read() where t->th_buf.gnu_longname is not freed after allocation, as documented across multiple advisories (including Debian DLA-4033-1, CBLMariner entries, AlmaLinux ALSA-2023:2898, and OpenEuler/CNNVD reference...

CVSS 7.5, AI score 8.1, EPSS 0.01431

CVE, added 2022/08/09 12:0 a.m., 109 views

CVE-2021-33643

CVE-2021-33643 is a vulnerability in the libtar library where an attacker submitting a crafted tar file with a header size of 0 can trigger a call to malloc(0) for gnu_longlink, leading to an out-of-bounds read. The issue is documented across multiple connected sources (open-source Linux distribu...

CVSS 9.1, AI score 8.7, EPSS 0.01331

CVE, added 2022/08/09 12:0 a.m., 109 views

CVE-2021-33645

CVE-2021-33645 reports a memory leak in the libtar th_read() function due to not freeing t->th_buf.gnu_longlink after allocation. Connected advisories confirm this affects multiple distributions with varying affected versions (e.g., libtar ≤ 1.2.20-11 in some cases; sometimes ≤ 1.2.20-10 or 1....

CVSS 7.5, AI score 8.1, EPSS 0.01431

CVE, added 2022/08/09 12:0 a.m., 107 views

CVE-2021-33644

CVE-2021-33644 affects libtar. A crafted tar header with size 0 may trigger malloc(0) for gnu_longname, causing an out-of-bounds read. Multiple third-party advisories confirm libtar updates (e.g., patched versions such as 1.2.20-11 in various distributions) as a remediation. No exploitation detai...

CVSS 8.1, AI score 8.2, EPSS 0.01127