Wind River Support Network

HomeDefectsLIN10-8235
Fixed

LIN10-8235 : Security Advisory - tar - CVE-2021-20193

Created: Feb 7, 2021    Updated: Apr 1, 2021
Resolved Date: Apr 1, 2021
Found In Version: 10.17.41.1
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

An issue was discovered in GNU Tar 1.33 and earlier. There is a memory leak in read_header() in list.c in the tar application.

Upstream bug:

https://savannah.gnu.org/bugs/?59897

Upstream patch:

https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777


CREATE(Triage):(User=admin) [CVE-2021-20193|https://nvd.nist.gov/vuln/detail/CVE-2021-20193]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube