Actually I just got it working - no need to send PoC @kerneldude - I
made my own.

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.

  A stack overflow in GNU Tar

Status in tar package in Ubuntu:

Bug description:
  A stack overflow vulnerability exists in GNU Tar up to including v1.34, as 
far as I can see, Ubuntu is using v1.3.
  The bug exists in the function xattr_decoder() in xheader.c, where alloca() 
is used and it may overflow the stack if a sufficiently long xattr key is used. 
The vulnerability can be triggered when extracting a tar/pax archive that 
contains such a long xattr key.

  Vulnerable code:

  PoC tar archive is attached in a zip archive to reduce the size.

  I reported the vulnerability yesterday to GNU Tar maintainers and they
  replied that the issue was fixed in the version that was released two
  weeks ago:

  "Sergey fixed that bug here:

  and the fix appears in tar 1.35, released July 18.

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to