Vulnerability in GNU tar allows file overwriting
Red Hat has reported a security vulnerability in GNU tar. The file archiving program contains a directory traversal vulnerability that can be exploited by specially crafted archives. For example, directory entries containing "../" can be used to overwrite arbitrary files for which the user has write privileges.
The path check function contains_dot_dot() in the file names.c was faulty. A source code patch is provided in Red Hat's Bugzilla system that eliminates the vulnerability. The vulnerability is present in the current GNU tar version 1.18 and all previous versions. Now that Red Hat has acted, it is likely that the other Linux distributors will provide updated packages, which users should install as quickly as possible.
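As an added illustration (not code from GNU tar or from Red Hat's patch), the following Python scanner shows the kind of per-component ".." check an extractor needs: it inspects member names and link targets of a tar archive before anything is written to disk and reports entries that would land outside the extraction directory. The sample archive it builds in memory is constructed for the demonstration.

```python
import io
import posixpath
import tarfile


def is_unsafe_member_name(name):
    """True if a member name could land outside the extraction directory.
    Checked per path component, not by substring, so "a/../b" and "../x"
    are flagged while a file legitimately named "..hidden" is not.
    Absolute names are rejected as well."""
    if not name or name.startswith("/"):
        return True
    return ".." in name.split("/")


def is_unsafe_link_target(member_name, linkname, hardlink):
    """True if a symlink/hardlink target resolves outside the extraction
    directory. Symlink targets are relative to the link's own directory,
    hard-link targets to the archive root, so resolve before checking."""
    if not linkname or linkname.startswith("/"):
        return True
    base = "" if hardlink else posixpath.dirname(member_name)
    resolved = posixpath.normpath(posixpath.join(base, linkname))
    return resolved.startswith("/") or ".." in resolved.split("/")


def find_traversal_members(archive_bytes):
    """Return (member name, reason) for every member that would escape."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tf:
        for m in tf.getmembers():
            if is_unsafe_member_name(m.name):
                findings.append((m.name, "name escapes extraction directory"))
            elif (m.issym() or m.islnk()) and is_unsafe_link_target(
                    m.name, m.linkname, m.islnk()):
                findings.append((m.name, "link target %r escapes" % m.linkname))
    return findings


def build_sample_archive():
    """Constructed test archive: a benign file, a '../' entry, an escaping symlink."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        data = b"hello\n"
        for name in ("safe/file.txt", "../evil.txt"):
            ti = tarfile.TarInfo(name)
            ti.size = len(data)
            tf.addfile(ti, io.BytesIO(data))
        link = tarfile.TarInfo("safe/escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"
        tf.addfile(link)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in find_traversal_members(build_sample_archive()):
        print("REJECT %s: %s" % (name, reason))
```

Only the two escaping entries are reported; "safe/file.txt" passes, as would a symlink whose "../" target still resolves inside the extraction directory.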
- tar security update, security advisory from Red Hat
- tar directory traversal vulnerability, entry in the bug tracking system from Red Hat
- source code patch in the Bugzilla system from Red Hat