libtar-1.2.20-17.el8
Errata ID: AXSA:2023-5561:01
The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions.
Security Fix(es):
* libtar: out-of-bounds read in gnu_longlink (CVE-2021-33643)
* libtar: out-of-bounds read in gnu_longname (CVE-2021-33644)
* libtar: memory leak found in th_read() function (CVE-2021-33645)
* libtar: memory leak found in th_read() function (CVE-2021-33646)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-33643
An attacker who submits a crafted tar file whose header size field is 0 may be able to trigger a call to malloc(0) for the variable gnu_longlink, causing an out-of-bounds read.
CVE-2021-33644
An attacker who submits a crafted tar file whose header size field is 0 may be able to trigger a call to malloc(0) for the variable gnu_longname, causing an out-of-bounds read.
CVE-2021-33645
The th_read() function does not free the variable t->th_buf.gnu_longlink after allocating memory for it, which may cause a memory leak.
CVE-2021-33646
The th_read() function does not free the variable t->th_buf.gnu_longname after allocating memory for it, which may cause a memory leak.
Update packages.
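For hosts that cannot be updated immediately, incoming archives can be triaged for the header pattern named in CVE-2021-33643 and CVE-2021-33644. The following is an added example, not code from this advisory or from libtar: it walks the 512-byte tar headers in a buffer and counts GNU longname ('L') and longlink ('K') entries whose size field is 0. The function names are hypothetical, the field offsets are those of the standard tar header layout, and checksum verification and base-256 sizes are out of scope.

```c
#include <stdio.h>
#include <string.h>
#define BLOCK    512   /* tar block size */
#define OFF_SIZE 124   /* 12-byte octal size field (standard tar header layout) */
#define OFF_TYPE 156   /* typeflag: 'L' = GNU longname, 'K' = GNU longlink */

/* Parse an octal header field. Base-256 (binary) sizes are not handled here. */
static unsigned long long parse_octal(const unsigned char *p, size_t n) {
    unsigned long long v = 0;
    size_t i = 0;
    while (i < n && p[i] == ' ') i++;
    for (; i < n && p[i] >= '0' && p[i] <= '7'; i++)
        v = v * 8 + (unsigned long long)(p[i] - '0');
    return v;
}

/* Hypothetical helper: count 'L'/'K' headers whose size field is 0.
 * Returns -1 if an entry's data runs past the end of the buffer. */
int count_zero_size_long_headers(const unsigned char *buf, size_t len) {
    static const unsigned char zero[BLOCK];
    int hits = 0;
    size_t off = 0;
    while (off + BLOCK <= len) {
        const unsigned char *h = buf + off;
        if (memcmp(h, zero, BLOCK) == 0) break;      /* end-of-archive block */
        unsigned long long size = parse_octal(h + OFF_SIZE, 12);
        if ((h[OFF_TYPE] == 'L' || h[OFF_TYPE] == 'K') && size == 0) hits++;
        unsigned long long blocks = (size + BLOCK - 1) / BLOCK;
        if (blocks > (len - off - BLOCK) / BLOCK) return -1;
        off += BLOCK + (size_t)blocks * BLOCK;
    }
    return hits;
}

/* Constructed sample header: only the name, size and typeflag are filled in. */
void make_header(unsigned char *blk, char type, unsigned long size) {
    memset(blk, 0, BLOCK);
    memcpy(blk, "././@LongLink", 13);
    snprintf((char *)blk + OFF_SIZE, 12, "%011lo", size);
    blk[OFF_TYPE] = (unsigned char)type;
}

int main(void) {
    unsigned char ar[4 * BLOCK];
    make_header(ar, 'L', 0);                 /* flagged */
    make_header(ar + BLOCK, '0', 0);         /* ordinary empty file: ignored */
    memset(ar + 2 * BLOCK, 0, 2 * BLOCK);    /* end-of-archive */
    printf("zero-size long headers: %d\n", count_zero_size_long_headers(ar, sizeof ar));
    return 0;
}
```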
N/A
SRPMS
- libtar-1.2.20-17.el8.src.rpm
MD5: 939dc0f92a5a90c09baaab899d33287a
SHA-256: 74d01961424a77a589fd9abaa1f6dca46b1d1b8f8c41e66bf6e7188e6dca420d
Size: 83.81 kB
Asianux Server 8 for x86_64
- libtar-1.2.20-17.el8.i686.rpm
MD5: 8c70cce64d46ae80b2be616722aff534
SHA-256: 62547177b4d63b344f5c71ae90f32849e0cd9509515ed4dfe517733f0ea20054
Size: 42.89 kB
- libtar-1.2.20-17.el8.x86_64.rpm
MD5: 97875d887b2c5a8bb7107b2b99596ff4
SHA-256: 4ba48743bc63a86530df5776f3671fbfb355f64101ea5e26ef3c730362ca0f18
Size: 41.21 kB