An error within the "tardirectoryfor_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.14.41-1", "binary_name": "gir1.2-gsf-1" }, { "binary_version": "1.14.41-1", "binary_name": "libgsf-1-114" }, { "binary_version": "1.14.41-1", "binary_name": "libgsf-1-114-dbgsym" }, { "binary_version": "1.14.41-1", "binary_name": "libgsf-1-common" }, { "binary_version": "1.14.41-1", "binary_name": "libgsf-1-dev" }, { "binary_version": "1.14.41-1", "binary_name": "libgsf-bin" }, { "binary_version": "1.14.41-1", "binary_name": "libgsf-bin-dbgsym" } ] }