CVE-2018-20482

Published: Dec 26, 2018Modified: Nov 21, 2024

4.7

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.0 / Impact: 3.6

Source: NVD

Description

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).

Affected (4)

Products: Gnu: Tar · Debian: Debian Linux · Opensuse: Leap

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gnu Tar	Up to 1.30

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0

Related CWEs

Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (20)

http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454

Source: cve@mitre.org

PatchThird Party Advisory

http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/106354

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2021/11/msg00025.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://news.ycombinator.com/item?id=18745431

Source: cve@mitre.org

ExploitThird Party Advisory

https://security.gentoo.org/glsa/201903-05

Source: cve@mitre.org

Third Party Advisory

https://twitter.com/thatcks/status/1076166645708668928

Source: cve@mitre.org

PatchThird Party Advisory

https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug

Source: cve@mitre.org

PatchThird Party Advisory

http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/106354

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2021/11/msg00025.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://news.ycombinator.com/item?id=18745431

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://security.gentoo.org/glsa/201903-05

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://twitter.com/thatcks/status/1076166645708668928

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

Timeline

No history available yet.