An attacker who submits a crafted tar file whose size field in the header struct is 0 may be able to trigger a call to malloc(0) for the variable gnu_longname, causing an out-of-bounds read.
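The following is an added example to illustrate the failure mode above; it is not libtar's code and does not reproduce libtar's internals. It parses the size field of a GNU 'L' (long name) tar entry using the standard ustar header offsets (size at byte 124, 12 bytes; typeflag at byte 156), refuses a size of 0 before any allocation, bounds the allocation, and refuses to copy past the bytes the archive actually contains. MAX_LONGNAME, the entry-building helper and the sample header bytes are constructed for this example and are not values from libtar.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* POSIX ustar header layout (one 512-byte block); only the fields used here. */
#define TAR_BLOCK 512
#define HDR_SIZE_OFF 124
#define HDR_SIZE_LEN 12
#define HDR_TYPEFLAG_OFF 156
#define GNU_LONGNAME_TYPE 'L'      /* GNU extension: entry data holds the long file name */
#define MAX_LONGNAME 4096           /* assumed upper bound for this example, not a libtar value */

/* Parse the NUL/space-terminated octal size field. Returns -1 on malformed input. */
static long parse_octal_size(const unsigned char *field, size_t len)
{
    long value = 0;
    size_t i = 0;
    while (i < len && field[i] == ' ')
        i++;
    if (i == len || field[i] == '\0')
        return -1;
    for (; i < len && field[i] != '\0' && field[i] != ' '; i++) {
        if (field[i] < '0' || field[i] > '7')
            return -1;
        if (value > (LONG_MAX - 7) / 8)        /* overflow guard */
            return -1;
        value = value * 8 + (field[i] - '0');
    }
    return value;
}

/* Hardened read of a GNU 'L' entry at the start of `archive`.
 * A size of 0 is rejected before allocation (an unchecked parser would call
 * malloc(0) and then read past the zero-length buffer), oversized values are
 * rejected, and no more bytes are copied than the archive actually holds.
 * On success *out is a freshly malloc'd, NUL-terminated string. */
static int read_gnu_longname(const unsigned char *archive, size_t archive_len, char **out)
{
    *out = NULL;
    if (archive_len < TAR_BLOCK)
        return -1;
    if (archive[HDR_TYPEFLAG_OFF] != GNU_LONGNAME_TYPE)
        return -1;
    long size = parse_octal_size(archive + HDR_SIZE_OFF, HDR_SIZE_LEN);
    if (size <= 0 || size > MAX_LONGNAME)
        return -1;
    /* entry data is padded to whole 512-byte blocks; all of them must be present */
    size_t need = (((size_t)size + TAR_BLOCK - 1) / TAR_BLOCK) * TAR_BLOCK;
    if (archive_len - TAR_BLOCK < need)
        return -1;                              /* truncated archive */
    char *name = malloc((size_t)size + 1);      /* +1 so the result is always NUL-terminated */
    if (name == NULL)
        return -1;
    memcpy(name, archive + TAR_BLOCK, (size_t)size);
    name[size] = '\0';
    *out = name;
    return 0;
}

/* Build a constructed 'L' entry: header block plus data padded to 512 bytes.
 * size_field is written verbatim so a caller can supply a bogus value. */
static size_t build_longname_entry(const char *size_field, const char *data, size_t data_len,
                                   unsigned char *out, size_t cap)
{
    size_t total = TAR_BLOCK + ((data_len + TAR_BLOCK - 1) / TAR_BLOCK) * TAR_BLOCK;
    if (cap < total)
        return 0;
    memset(out, 0, total);
    memcpy(out, "././@LongLink", 13);           /* conventional name for GNU 'L' entries */
    strncpy((char *)out + HDR_SIZE_OFF, size_field, HDR_SIZE_LEN);
    out[HDR_TYPEFLAG_OFF] = GNU_LONGNAME_TYPE;
    memcpy(out + TAR_BLOCK, data, data_len);
    return total;
}

/* Build one entry with the given size field and data, parse it, and return the
 * parser's status (0 = accepted). On success the recovered name is copied out. */
static int try_longname(const char *size_field, const char *data, char *name_out, size_t name_cap)
{
    unsigned char buf[2 * TAR_BLOCK];
    size_t n = build_longname_entry(size_field, data, strlen(data), buf, sizeof buf);
    if (n == 0)
        return -2;
    char *name = NULL;
    int rc = read_gnu_longname(buf, n, &name);
    if (rc == 0 && name_out != NULL)
        snprintf(name_out, name_cap, "%s", name);
    free(name);
    return rc;
}

int main(void)
{
    char name[64];
    int rc;
    rc = try_longname("00000000000", "", name, sizeof name);          /* size 0: rejected */
    printf("size 0 -> %d\n", rc);
    rc = try_longname("00000000021", "a/b/long_name.txt", name, sizeof name);
    printf("size 17 -> %d (%s)\n", rc, rc == 0 ? name : "");
    rc = try_longname("00000000021", "", name, sizeof name);          /* header lies: rejected */
    printf("size 17, no data -> %d\n", rc);
    return 0;
}
```

The two checks that matter for this class of bug are the `size <= 0` test before `malloc` and the comparison of the claimed size against the bytes actually available, so a header can neither force a zero-length allocation nor drive a read past the end of the archive buffer.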
Created libtar tracking bugs for this issue:
Affects: fedora-all [bug 2121300]
The security fixes in question seem to be available in this source RPM package: https://repo.openeuler.org/openEuler-22.03-LTS/update/source/Packages/libtar-1.2.20-21.oe2203.src.rpm
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2023:2898 https://access.redhat.com/errata/RHSA-2023:2898
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):