CVE-2018-20482 vulnerability in GNU and Other Products
Published on December 26, 2018

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2018-20482

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-20482 are published in these products:

GNU Tar

Debian Linux

OpenSuse Leap

Exploit Probability

EPSS

0.02%

Percentile

5.09%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-20482 vulnerability in GNU and Other ProductsPublished on December 26, 2018

Products Associated with CVE-2018-20482

Exploit Probability

CVE-2018-20482 vulnerability in GNU and Other Products
Published on December 26, 2018