CVE-2016-9888

Name of the Vulnerable Software and Affected Versions GNOME Structured File Library versions prior to 1.14.41

Description The issue is related to an error within the tar directory for file() function in the gsf-infile-tar.c file, which can be exploited to trigger a Null pointer dereference, causing a crash when processing a crafted TAR file.

Recommendations For versions prior to 1.14.41, update to version 1.14.41 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted TAR files that could trigger the Null pointer dereference in the tar directory for file() function until a patch is applied.