GNU tar vulnerability could lead to application crash
CVE-2023-39804

Currently unrated

Key Information:

Vendor: GNU
CVE Published: 27 March 2024

Summary

Versions of GNU Tar prior to 1.35 improperly handle extension attributes in PAX archives. The flaw, located in the xheader.c file, can crash the application, posing a risk to system stability and data integrity. A maliciously crafted PAX archive can trigger the crash, so updating to the latest version is the way to mitigate it.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
