After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free).
2022-12-19T16:15:10.840
2025-04-02T18:33:53.340
Modified
CVSSv3.1: 6.2 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | openatom | openeuler | 20.03 | Yes |
| Operating System | openatom | openeuler | 20.03 | Yes |
| Operating System | openatom | openeuler | 22.03 | Yes |
| Operating System | fedoraproject | fedora | 36 | Yes |
| Operating System | fedoraproject | fedora | 37 | Yes |