Steve Beattie

**Name of the Vulnerable Software and Affected Versions** GNU Tar versions 1.34 and earlier **Description** The issue is related to a one-byte out-of-bounds read in the `from header` function in `list.c` that results in the use of uninitialized memory for a conditional jump. This occurs via a V7 archive in which `mtime` has approximately 11 whitespace characters. Exploitation to change the flow of control has not been demonstrated. **Recommendations** For GNU Tar versions 1.34 and earlier, consider updating to a version that fixes this issue. As a temporary workaround, restrict the use of V7 archives with `mtime` containing approximately 11 whitespace characters to minimize the risk of exploitation. Avoid using the `from header` function in `list.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 2.6.30.4 **Description** The issue allows local users to read maps and smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition. This is due to a problem in the mm for maps function in fs/proc/base.c. **Recommendations** For Linux kernel versions prior to 2.6.30.4, consider upgrading to a version that contains a fix for this issue to prevent unauthorized access to sensitive files.