#VU18058 NULL pointer dereference in Tar


Published: 2019-03-22

Vulnerability identifier: #VU18058

Vulnerability risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9923

CWE-ID: CWE-476

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Tar
Client/Desktop applications / Software for archiving

Vendor: GNU

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dreference error in sparse.c in when parsing certain archives that have malformed extended headers. A remote attacker can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Tar: 1.13 - 1.31

External links
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
http://savannah.gnu.org/bugs/?55369
http://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Juniper Networks Junos cRPD
Multiple vulnerabilities in Juniper Cloud Native Router
Multiple vulnerabilities in IBM Netcool Operations Insight
Multiple vulnerabilities in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data
Amazon Linux AMI update for tar
NULL pointer dereference in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data
SUSE update for tar
Multiple vulnerabilities in VMware Tanzu Products
Ubuntu update for tar
OpenSUSE Linux update for tar