CVE-2021-33643

Published: Aug 9, 2022

Modified: Nov 3, 2025

PUBLISHED

Description

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.

Vendor	Product	Versions
n/a	libtar	affected `<1.2.21`

Weaknesses (CWE)

CWE-125

References

https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807

FEDORA-2022-fe1a4e3cf0

vendor-advisory

FEDORA-2022-50e8a1b51d

vendor-advisory

FEDORA-2022-44a20bba43

vendor-advisory

FEDORA-2022-88772d0a2d

vendor-advisory

FEDORA-2022-ccc68b06cc

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-33643

Description

Affected Products

Weaknesses (CWE)

References