First published: Mon Dec 19 2022
tar_close() in libtar.c releases the memory pointed to by t. The list() function calls tar_close() and then continues to use t, via free_longlink_longname(t->th_buf). As a result, freed memory is accessed (use-after-free).
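The faulty call order and the corrected one, as an added C model that is not libtar's own source: the struct layouts, the fixture open_model_archive() and the counter freed_strings are constructed for illustration, and only the fixed path is executed.

```c
/* Added example (not libtar's code): a reduced model of the CVE-2021-33640
 * ordering bug. Names mirror libtar's; struct layouts are simplified assumptions. */
#define _POSIX_C_SOURCE 200809L
#include <stdlib.h>
#include <string.h>

struct tar_header {
    char *gnu_longname;   /* heap copy of a GNU ././@LongLink file name */
    char *gnu_longlink;   /* heap copy of a GNU long link target */
};
typedef struct { struct tar_header th_buf; } TAR;   /* th_buf: header in progress */
int freed_strings = 0;   /* instrumentation so a test can observe the releases */
/* Frees the long name/link buffers attached to a header (passed by value here). */
void free_longlink_longname(struct tar_header th)
{
    if (th.gnu_longname) { free(th.gnu_longname); freed_strings++; }
    if (th.gnu_longlink) { free(th.gnu_longlink); freed_strings++; }
}
/* Closes the handle and frees the TAR object itself; t is dangling afterwards. */
int tar_close(TAR *t) { free(t); return 0; }

/* Constructed fixture standing in for tar_open() plus reading a long-name entry. */
TAR *open_model_archive(void)
{
    TAR *t = calloc(1, sizeof *t);
    if (!t) return NULL;
    t->th_buf.gnu_longname = strdup("dir/with/a/very/long/file/name.txt");
    t->th_buf.gnu_longlink = strdup("dir/with/a/very/long/link/target");
    return t;
}

/* Vulnerable ordering from the advisory: t->th_buf is copied out of freed memory.
 * Shown for comparison only; it is never called here. */
int list_vulnerable(TAR *t)
{
    tar_close(t);
    free_longlink_longname(t->th_buf);   /* use-after-free read of *t */
    return 0;
}
/* Fixed ordering: release the header buffers while t is still live, then close. */
int list_fixed(TAR *t) { free_longlink_longname(t->th_buf); return tar_close(t); }
/* Runs the fixed path; returns the number of header buffers released (expected 2). */
int run_fixed(void)
{
    freed_strings = 0;
    TAR *t = open_model_archive();
    if (!t || list_fixed(t) != 0) return -1;
    return freed_strings;
}
```

Building the vulnerable variant under AddressSanitizer and calling it reports a heap-use-after-free at the t->th_buf read, which is how the defect is caught in testing.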
Credit: securities@openeuler.org
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Openeuler | =20.03-sp1 | |
Huawei Openeuler | =20.03-sp2 | |
Huawei Openeuler | =22.03 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 | |
CVE-2021-33640 is a use-after-free vulnerability in libtar.c: memory released by tar_close() is subsequently accessed by the list() function.
CVE-2021-33640 has a severity rating of 9.8 (Critical).
CVE-2021-33640 affects Huawei Openeuler 20.03 SP1 and SP2, Huawei Openeuler 22.03, and Fedoraproject Fedora 36 and 37.
To fix CVE-2021-33640, update your affected software to a version that includes the necessary patches and security fixes.
More information about CVE-2021-33640 can be found at the following references: [Link 1](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S4PJRCJLEAWN2EKXGLSOBTL7O57V7NC/), [Link 2](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WX5YE66CT7Y5C2HTHXSFDKQWYWYWJ2T/), [Link 3](https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-33640&packageName=libtar)