← back
CVE-2026-43623

microtar 0.1.0 Stack-Based Buffer Overflow via raw_to_header()

CVSS 8.7 HIGHEPSS 0.3%CWE-121
microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw_to_header() function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy() to copy 100-byte ustar format fields that lack null terminators, causing writes of up to 355 bytes into a 100-byte destination buffer when mtar_open(), mtar_find(), or mtar_read_header() process attacker-supplied TAR archives.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
rxi · microtar
public PoCs found1
cve_referencegithub.com/rxi/microtar/issues/28unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/rxi/microtar/issues/28https://github.com/rxi/microtar/issues/29https://github.com/rxi/microtar/issues/30https://www.vulncheck.com/advisories/microtar-stack-based-buffer-overflow-via-raw-to-header