A double-free vulnerability was found in sysstat in the way the sadf
command processes the contents of data files created by the sar
command. Saved binary data files with support for extra_desc
structures may be vulnerable to this flaw. A remote attacker could exploit this flaw by creating a specially crafted file with malformed data that, when loaded by a victim, would cause the application to potentially execute arbitrary code.