PT-2023-1299 · Gnu+10 · Gnu Tar+10

Steve Beattie

·

Published

2021-04-14

·

Updated

2025-03-27

·

CVE-2022-48303

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions GNU Tar versions 1.34 and earlier
Description The issue is related to a one-byte out-of-bounds read in the from header function in list.c that results in the use of uninitialized memory for a conditional jump. This occurs via a V7 archive in which mtime has approximately 11 whitespace characters. Exploitation to change the flow of control has not been demonstrated.
Recommendations For GNU Tar versions 1.34 and earlier, consider updating to a version that fixes this issue. As a temporary workaround, restrict the use of V7 archives with mtime containing approximately 11 whitespace characters to minimize the risk of exploitation. Avoid using the from header function in list.c until a patch is available.

Exploit

Fix

Buffer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-125

Related Identifiers

ALSA-2023:0842
ALSA-2023:0959
ALT-PU-2021-1651
AZL-37145
BDU:2023-00577
CESA-2023_0842
CVE-2022-48303
MGASA-2023-0079
OESA-2023-1089
OESA-2023-1103
OESA-2023-1104
OESA-2023-1106
OPENSUSE-SU-2023_0463-1
OPENSUSE-SU-2024:12744-1
RHSA-2023:0842
RHSA-2023:0959
RHSA-2023:5610
RHSA-2023_0842
RHSA-2023_0959
RLSA-2023:0842
RLSA-2023:0959
SUSE-SU-2023:0441-1
SUSE-SU-2023:0463-1
SUSE-SU-2023_0441-1
SUSE-SU-2023_0463-1
USN-5900-1
USN-5900-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Gnu Tar
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu