Unrated severityNVD Advisory· Published Mar 26, 2021· Updated Aug 3, 2024
CVE-2021-20193
CVE-2021-20193
Description
A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13- tar/tardescription
- osv-coords11 versionspkg:rpm/opensuse/tar&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/tar&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/tar&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2pkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/tar&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 1.30-lp152.4.3.1+ 10 more
- (no CPE)range: < 1.30-lp152.4.3.1
- (no CPE)range: < 1.34-150000.3.12.1
- (no CPE)range: < 1.34-5.1
- (no CPE)range: < 1.34-150000.3.12.1
- (no CPE)range: < 1.34-150000.3.12.1
- (no CPE)range: < 1.34-150000.3.12.1
- (no CPE)range: < 1.30-3.6.1
- (no CPE)range: < 1.34-150000.3.12.1
- (no CPE)range: < 1.34-150000.3.12.1
- (no CPE)range: < 1.27.1-15.9.1
- (no CPE)range: < 1.27.1-15.9.1
Patches
Vulnerability mechanics
References
3- security.gentoo.org/glsa/202105-29mitrevendor-advisoryx_refsource_GENTOO
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- git.savannah.gnu.org/cgit/tar.git/commit/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.