PT-2023-27111 · Gnu+5 · Gnu Tar+5

Salvatore Bonaccorso

·

Publicado

2023-11-30

·

Atualizado

2025-07-29

·

CVE-2023-39804

CVSS v3.1

6.2

Média

VetorAV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions GNU tar versions prior to 1.35
Description The issue arises from mishandled extension attributes in a PAX archive, which can cause an application crash in xheader.c.
Recommendations For GNU tar versions prior to 1.35, update to version 1.35 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

AZL-52625
CVE-2023-39804
DLA-3755-1
OESA-2023-1991
OESA-2023-1992
OESA-2023-1993
OESA-2023-1994
OESA-2023-2002
OPENSUSE-SU-2024:13751-1
SUSE-SU-2024:0070-1
SUSE-SU-2024:0070-2
SUSE-SU-2024:0071-1
SUSE-SU-2024_0070-1
SUSE-SU-2024_0071-1
USN-6543-1

Produtos afetados

Astra Linux
Gnu Tar
Linuxmint
Red Os
Suse
Ubuntu