#VU18058 NULL pointer dereference in Tar - CVE-2019-9923

Cybersecurity Help s.r.o.

Published: 2019-03-22

Vulnerability identifier: #VU18058

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-9923

CWE-ID: CWE-476

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Tar
Client/Desktop applications / Software for archiving

Vendor: GNU

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dreference error in sparse.c in when parsing certain archives that have malformed extended headers. A remote attacker can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Tar: 1.13 - 1.31

External links
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
https://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Rockwell Automation DataMosaix Private Cloud

Multiple vulnerabilities in Juniper Networks Junos cRPD

Multiple vulnerabilities in Juniper Cloud Native Router

Multiple vulnerabilities in IBM Netcool Operations Insight

Multiple vulnerabilities in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data

Amazon Linux AMI update for tar

NULL pointer dereference in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data

SUSE update for tar

Multiple vulnerabilities in VMware Tanzu Products

Ubuntu update for tar