Debian Bug report logs -
#1058079
tar: CVE-2023-39804: Incorrectly handled extension attributes in PAX archives can lead to a crash
Package:
src:tar;
Maintainer for src:tar is Janos Lenart <ocsi@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 12 Dec 2023 06:45:02 UTC
Severity: important
...
It was discovered that tar incorrectly handled extended attributes in PAX archives An attacker could supply a specially crafted file and cause tar to crash, resulting in a denial of service (CVE-2023-39804) ...