NIXPKGS-2026-1724
GitHub issue
published 2 weeks, 4 days ago by @LeSuisse
Archive::Tar versions before 3.10 for Perl allow memory exhaustion via an attacker-controlled entry size field in the tar header
Archive::Tar versions before 3.10 for Perl allow memory exhaustion via an attacker-controlled entry size field in the tar header. _read_tar() reads each entry's payload with $handle->read($$data, $block), where $block is derived from the entry's 12-byte size field in the tar header with no upper bound applied to that value. A crafted header declaring a multi-gigabyte size therefore causes Perl to allocate a scalar of that size, regardless of how many bytes actually follow the header in the archive.
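The following is an added example, not Archive::Tar's own code, showing the defensive shape of the read described above: the 12-byte octal size field is decoded, checked against a policy limit ($MAX_ENTRY, an assumed value), and the payload is streamed in fixed-size chunks so peak memory is bounded by the chunk size rather than by the header. The headers are constructed in-memory for the demonstration.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use IO::Handle;

# Build a constructed 512-byte tar header; only the name (offset 0) and the
# 12-byte octal size field (offset 124) are filled in.
sub make_header {
    my ($name, $size) = @_;
    my $hdr = "\0" x 512;
    substr($hdr, 0, length $name) = $name;
    substr($hdr, 124, 12) = sprintf("%011o\0", $size);
    return $hdr;
}

# Decode the size field the way a tar reader does: octal, NUL/space padded.
sub entry_size {
    my ($hdr) = @_;
    (my $field = substr($hdr, 124, 12)) =~ s/[\0 ]+$//;
    return oct($field);
}

# Hardened reader: refuse sizes above an assumed policy limit and stream the
# payload in chunks. The vulnerable pattern instead passes the whole declared
# size to a single $handle->read call, allocating it up front.
my $MAX_ENTRY = 256 * 1024 * 1024;   # assumed policy limit (256 MiB)
my $CHUNK     = 64 * 1024;

sub read_entry_bounded {
    my ($handle, $hdr, $sink) = @_;
    my $size = entry_size($hdr);
    die "entry size $size exceeds limit $MAX_ENTRY\n" if $size > $MAX_ENTRY;
    my $remaining = $size;
    while ($remaining > 0) {
        my $want = $remaining < $CHUNK ? $remaining : $CHUNK;
        my $got = $handle->read(my $buf, $want);
        die "truncated archive: wanted $want more bytes\n" unless $got;
        $sink->($buf);
        $remaining -= $got;
    }
    return $size;
}

# Case 1: a benign entry whose 5-byte payload is present.
open(my $ok, '<', \"hello") or die $!;
my $got = '';
read_entry_bounded($ok, make_header("small.txt", 5), sub { $got .= shift });
print "read small.txt: '$got'\n";

# Case 2: a header claiming 4 GiB with nothing behind it is rejected before
# any large allocation takes place.
open(my $bad, '<', \"") or die $!;
eval { read_entry_bounded($bad, make_header("huge.bin", 4 * 1024**3), sub {}) };
print "rejected huge.bin: $@" if $@;
```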
References
Affected products
Archive-Tar
- <3.10
Matching in nixpkgs
pkgs.perlPackages.ArchiveTar
Manipulates TAR archives
pkgs.perl5Packages.ArchiveTar
Manipulates TAR archives
pkgs.perl538Packages.ArchiveTar
None
pkgs.perl540Packages.ArchiveTar
None
Ignored packages (5)
pkgs.haskellPackages.archive-tar
Common interface using the tar package
pkgs.perlPackages.ArchiveTarWrapper
API wrapper around the 'tar' utility
pkgs.perl5Packages.ArchiveTarWrapper
API wrapper around the 'tar' utility
pkgs.perl538Packages.ArchiveTarWrapper
None
pkgs.perl540Packages.ArchiveTarWrapper
None