Updated libtar packages fix security vulnerability
Publication date: 16 Sep 2022Modification date: 16 Sep 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-33643 , CVE-2021-33644 , CVE-2021-33645 , CVE-2021-33646
Description
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. (CVE-2021-33643) An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read. (CVE-2021-33644) The th_read() function doesn't free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak. (CVE-2021-33645) The th_read() function doesn't free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak. (CVE-2021-33646)
References
- https://bugs.mageia.org/show_bug.cgi?id=30821
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OD4HEBSTI22FNYKOKK7W3X6ZQE6FV3XC/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33643
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33644
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33645
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33646
SRPMS
8/core
- libtar-1.2.20-9.1.mga8