CVE-2018-20482 - Infinite Loop vulnerability in multiple products

CVSS 4.7 - MEDIUM
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH

Tags: local, high complexity, gnu, debian, opensuse, CWE-835 (Loop with Unreachable Exit Condition, "Infinite Loop"), nessus

Summary

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).

In practice the precondition is write access to any file in the backup set: truncate it while tar is reading it and the archiving process spins until the file grows back to at least its original size (see the Debian advisory below), which may be never. No data is disclosed or altered; the impact is purely availability (C:N/I:N/A:H), typically a root-owned backup job that never finishes.
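The failure mode is easy to see in miniature. The C program below is an added example written for this page; it is not code from GNU tar or from any of the advisories listed here. It models the shape of the read loop in sparse_dump_region(): read a region of the size stat() reported, in 512-byte archive blocks, subtracting each read from the bytes still owed. In the vulnerable shape a read that returns 0 (the file is now shorter than when it was stat()ed) subtracts nothing, so the loop never makes progress; the hardened shape treats a zero-byte read as "file shrank" and aborts, which is the kind of check the upstream fix added. The race is simulated in-process by truncating the file after two blocks have been read (the real attacker does this from a second process); the iteration cap exists only so the vulnerable variant can be shown without actually hanging. The temp-file path, the function names, the cap value and the claim that each idle trip emits a zero block are this example's own choices.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define BLOCKSIZE 512   /* tar's archive block size */

/* Outcome of dumping one data region of a file into archive blocks. */
struct dump_result {
    long  blocks_written; /* archive blocks emitted by the loop */
    long  iterations;     /* loop trips; the bug shows as iterations >> blocks */
    off_t shrank_by;      /* bytes still owed when EOF came early (fixed path) */
    int   ok;             /* 1 = region fully dumped, 0 = aborted */
};

/* Model of the sparse_dump_region() loop (this example's code, not tar's).
 * 'size' is what stat() reported before reading began; 'fixed' selects the
 * hardened behaviour. 'shrink_after' >= 0 simulates the race by truncating
 * the file to 'shrink_to' bytes once that many blocks have been read.
 * 'max_iters' only keeps the vulnerable variant from hanging this demo. */
static struct dump_result dump_region(int fd, off_t size, int fixed,
                                      long shrink_after, off_t shrink_to,
                                      long max_iters)
{
    struct dump_result r = {0, 0, 0, 0};
    char blk[BLOCKSIZE];
    off_t bytes_left = size;

    if (fd < 0 || lseek(fd, 0, SEEK_SET) < 0)
        return r;

    while (bytes_left > 0) {
        if (++r.iterations > max_iters)
            return r;                         /* real tar: spins forever here */

        if (shrink_after >= 0 && r.blocks_written == shrink_after) {
            if (ftruncate(fd, shrink_to) < 0) /* the other user's write */
                return r;
            shrink_after = -1;
        }

        size_t want = bytes_left > BLOCKSIZE ? BLOCKSIZE : (size_t)bytes_left;
        ssize_t n = read(fd, blk, want);
        if (n < 0)
            return r;                         /* read error: both variants abort */

        if (n == 0 && fixed) {
            /* EOF before the stat()ed size means the file shrank under us:
             * stop instead of looping. */
            r.shrank_by = bytes_left;
            return r;
        }
        /* Vulnerable variant: n == 0 falls through; bytes_left -= 0 makes no
         * progress, and (in this model) a zero-padded block goes out anyway. */
        memset(blk + n, 0, BLOCKSIZE - (size_t)n);
        bytes_left -= n;
        r.blocks_written++;
    }
    r.ok = 1;
    return r;
}

/* Anonymous temp file of 'size' bytes filled with 'A'; returns its fd or -1. */
static int make_test_file(off_t size)
{
    char path[] = "/tmp/sparse-demo-XXXXXX"; /* example's own path */
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    unlink(path);                            /* the fd keeps it alive */
    char block[BLOCKSIZE];
    memset(block, 'A', sizeof block);
    for (off_t done = 0; done < size; done += BLOCKSIZE)
        if (write(fd, block, BLOCKSIZE) != BLOCKSIZE) { close(fd); return -1; }
    return fd;
}

/* 8-block file; with 'shrink' it is cut to 2 blocks after 2 blocks are read. */
static struct dump_result run_scenario(int fixed, int shrink)
{
    int fd = make_test_file(8 * BLOCKSIZE);
    struct dump_result r = dump_region(fd, 8 * BLOCKSIZE, fixed,
                                       shrink ? 2 : -1, 2 * BLOCKSIZE, 1000);
    if (fd >= 0)
        close(fd);
    return r;
}

int main(void)
{
    struct dump_result v = run_scenario(0, 1), f = run_scenario(1, 1);
    printf("vulnerable: ok=%d blocks=%ld iterations=%ld (hit the cap)\n",
           v.ok, v.blocks_written, v.iterations);
    printf("fixed:      ok=%d blocks=%ld iterations=%ld shrank_by=%lld\n",
           f.ok, f.blocks_written, f.iterations, (long long)f.shrank_by);
    return 0;
}
```

Without the simulated truncation both variants dump all eight blocks in eight trips. With it, the vulnerable loop runs until the artificial cap (1000 trips, 1000 blocks for 1024 bytes of real data); the fixed loop stops on the third trip with six blocks still owed. The defensive rule generalises beyond tar: any copy loop driven by a size obtained before the reads began must treat a zero-byte read as an error or an end condition, never as "try again".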

Nessus

  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1262.NASL
    description: According to the version of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user
    last seen: 2020-03-19
    modified: 2019-04-04
    plugin id: 123730
    published: 2019-04-04
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/123730
    title: EulerOS Virtualization 2.5.3 : tar (EulerOS-SA-2019-1262)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1154.NASL
    description: According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user
    last seen: 2020-05-06
    modified: 2019-04-02
    plugin id: 123628
    published: 2019-04-02
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/123628
    title: EulerOS 2.0 SP5 : tar (EulerOS-SA-2019-1154)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DLA-1623.NASL
    description: It was discovered that there was a potential denial of service vulnerability in tar, the GNU version of the tar UNIX archiving utility. The --sparse argument looped endlessly if the file shrank whilst it was being read. Tar would only break out of this endless loop if the file grew again to (or beyond) its original end of file. For Debian 8
    last seen: 2020-03-23
    modified: 2019-01-02
    plugin id: 119957
    published: 2019-01-02
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/119957
    title: Debian DLA-1623-1 : tar security update
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1129.NASL
    description: According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user
    last seen: 2020-05-06
    modified: 2019-04-02
    plugin id: 123603
    published: 2019-04-02
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/123603
    title: EulerOS 2.0 SP2 : tar (EulerOS-SA-2019-1129)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2020-1035.NASL
    description: According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive compression/decompression, the ability to perform remote archives, and the ability to perform incremental and full backups. If you want to use tar for remote backups, you also need to install the rmt package on the remote box. Security Fix(es): GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user
    last seen: 2020-05-03
    modified: 2020-01-02
    plugin id: 132628
    published: 2020-01-02
    reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/132628
    title: EulerOS 2.0 SP8 : tar (EulerOS-SA-2020-1035)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2019-1237.NASL
    description: This update for tar fixes the following issues : Security issues fixed : - CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496). - CVE-2018-20482: Fixed a denial of service when the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 124188
    published: 2019-04-19
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/124188
    title: openSUSE Security Update : tar (openSUSE-2019-1237)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2019-0926-1.NASL
    description: This update for tar fixes the following issues : Security issues fixed : CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496). CVE-2018-20482: Fixed a denial of service when the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 123995
    published: 2019-04-11
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/123995
    title: SUSE SLED15 / SLES15 Security Update : tar (SUSE-SU-2019:0926-1)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2020-1068.NASL
    description: According to the version of the tar package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected]. (CVE-2018-20482) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 132822
    published: 2020-01-13
    reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/132822
    title: EulerOS Virtualization for ARM 64 3.0.5.0 : tar (EulerOS-SA-2020-1068)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1346.NASL
    description: According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - tar: Infinite read loop in sparse_dump_region function in sparse.c. (CVE-2018-20482) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-05-06
    modified: 2019-05-06
    plugin id: 124632
    published: 2019-05-06
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/124632
    title: EulerOS 2.0 SP3 : tar (EulerOS-SA-2019-1346)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201903-05.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201903-05 (Tar: Denial of Service) The sparse_dump_region function in sparse.c file in Tar allows an infinite loop using the --sparse option. Impact : A local attacker could cause a Denial of Service condition by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root). Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 122733
    published: 2019-03-11
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/122733
    title: GLSA-201903-05 : Tar: Denial of Service
  • NASL family: PhotonOS Local Security Checks
    NASL id: PHOTONOS_PHSA-2019-1_0-0236_TAR.NASL
    description: An update of the tar package has been released.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 126124
    published: 2019-06-24
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/126124
    title: Photon OS 1.0: Tar PHSA-2019-1.0-0236