First published: Tue Aug 09 2022(Updated: )
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
Credit: securities@openeuler.org
Affected Software | Affected Version | How to fix |
---|---|---|
Feep Libtar | <1.2.21 | |
Huawei Openeuler | =20.03-sp1 | |
Huawei Openeuler | =20.03-sp3 | |
Huawei Openeuler | =22.03 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.