A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.
sbeattie | the tar command failed to free memory. As this is a command line tool denial of service, this has been rated as priority low