CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
71.5%
The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions.
Security Fix(es):
libtar: out-of-bounds read in gnu_longlink (CVE-2021-33643)
libtar: out-of-bounds read in gnu_longname (CVE-2021-33644)
libtar: memory leak found in th_read() function (CVE-2021-33645)
libtar: memory leak found in th_read() function (CVE-2021-33646)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | s390x | libtar-debugsource | < 1.2.20-17.el8 | libtar-debugsource-1.2.20-17.el8.s390x.rpm |
RedHat | 8 | s390x | libtar | < 1.2.20-17.el8 | libtar-1.2.20-17.el8.s390x.rpm |
RedHat | 8 | i686 | libtar | < 1.2.20-17.el8 | libtar-1.2.20-17.el8.i686.rpm |
RedHat | 8 | ppc64le | libtar-debuginfo | < 1.2.20-17.el8 | libtar-debuginfo-1.2.20-17.el8.ppc64le.rpm |
RedHat | 8 | aarch64 | libtar-debuginfo | < 1.2.20-17.el8 | libtar-debuginfo-1.2.20-17.el8.aarch64.rpm |
RedHat | 8 | aarch64 | libtar | < 1.2.20-17.el8 | libtar-1.2.20-17.el8.aarch64.rpm |
RedHat | 8 | x86_64 | libtar | < 1.2.20-17.el8 | libtar-1.2.20-17.el8.x86_64.rpm |
RedHat | 8 | ppc64le | libtar | < 1.2.20-17.el8 | libtar-1.2.20-17.el8.ppc64le.rpm |
RedHat | 8 | i686 | libtar-debuginfo | < 1.2.20-17.el8 | libtar-debuginfo-1.2.20-17.el8.i686.rpm |
RedHat | 8 | s390x | libtar-debuginfo | < 1.2.20-17.el8 | libtar-debuginfo-1.2.20-17.el8.s390x.rpm |