CVE-2021-33643: Security-bulletinDetail
An attacker who submits a crafted tar file whose header struct has a size of 0 may be able to trigger a call to malloc(0) for the variable gnu_longlink, causing an out-of-bounds read.
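
The zero-size condition described above can be rejected before any allocation happens. The following is an added illustration, not libtar's code and not part of the bulletin: the function names, the 1 MiB cap and the `+1` allocation policy are assumptions, while the field offsets and the `K` typeflag follow the ustar/GNU tar header layout.

```c
#include <stdint.h>
#include <string.h>

#define TAR_BLOCK    512
#define OFF_SIZE     124        /* 12-byte octal size field */
#define LEN_SIZE     12
#define OFF_TYPEFLAG 156
#define GNU_LONGLINK 'K'        /* GNU long link-name entry */
#define MAX_LONGLINK (1u << 20) /* assumed policy cap, not from the bulletin */

/* Parse the octal size field; 0 on success, -1 if malformed or empty. */
static int tar_parse_size(const unsigned char *hdr, uint64_t *out)
{
    uint64_t v = 0;
    size_t i = 0, digits = 0;
    while (i < LEN_SIZE && hdr[OFF_SIZE + i] == ' ')
        i++;                                  /* leading padding */
    for (; i < LEN_SIZE; i++) {
        unsigned char c = hdr[OFF_SIZE + i];
        if (c == '\0' || c == ' ')
            break;                            /* field terminator */
        if (c < '0' || c > '7')
            return -1;                        /* not an octal digit */
        v = (v << 3) | (uint64_t)(c - '0');
        digits++;
    }
    *out = v;
    return digits ? 0 : -1;
}

/* Bytes to allocate for a long-link payload, or -1 to reject the header. */
long longlink_alloc_size(const unsigned char *hdr)
{
    uint64_t sz;
    if (hdr[OFF_TYPEFLAG] != GNU_LONGLINK || tar_parse_size(hdr, &sz) != 0)
        return -1;
    if (sz == 0 || sz > MAX_LONGLINK)
        return -1;            /* size 0 is the malloc(0) case in this CVE */
    return (long)sz + 1;      /* +1 keeps room for a terminating NUL */
}

/* Constructed sample: zeroed 'K' header carrying the given size text. */
long sample_alloc(const char *octal_size)
{
    unsigned char h[TAR_BLOCK] = {0};
    h[OFF_TYPEFLAG] = GNU_LONGLINK;
    strncpy((char *)h + OFF_SIZE, octal_size, LEN_SIZE);
    return longlink_alloc_size(h);
}
```

A caller that allocates the returned number of bytes and writes a NUL after the payload never hands an unterminated or zero-length buffer to later string handling.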
openEuler is an open source project incubated and operated by the OpenAtom Foundation.
Copyright © 2022 openEuler. All rights reserved.
Related news
An update for libtar is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2021-33643: A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with the size in the header struct being 0 to trigger a calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
* CVE-2021-33644: A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with size in heade...