Bugzilla – Bug 1202317
VUL-0: CVE-2021-33644: libtar: out-of-bounds read with a size in header struct being 0
Last modified: 2022-08-11 07:15:02 UTC
An attacker who submits a crafted tar file with size in header struct being 0
may be able to trigger an calling of malloc(0) for a variable gnu_longname,
causing an out-of-bounds read.
The following codestreams are affected: