Multiple CVEs Discovered in tar Affecting Ubuntu and Mageia Systems

Multiple CVEs Discovered in tar Affecting Ubuntu and Mageia Systems

First seen 2 Jun 2026, 16:57 UTC LinuxsecurityUbuntu 70% similarity 60.6

Article Content

Browse articles
ThreatCluster

Multiple vulnerabilities were identified in the tar utility, affecting Ubuntu 22.04 LTS and 24.04 LTS, as well as Mageia systems. These vulnerabilities allow attackers to craft malicious tar files that can lead to file overwriting or hidden file injection, bypassing pre-extraction inspection mechanisms. The vulnerabilities are tracked under CVE-2024-12905, CVE-2025-48387, and CVE-2025-59343 for Ubuntu, and CVE-2026-5704 for Mageia. The issues could allow remote attackers to write files outside the intended extraction directory or inject malicious content undetected. The vulnerabilities have been addressed in security updates released on June 2, 2026. Security professionals are urged to apply the patches immediately to mitigate potential exploitation.

Key Points: • Multiple vulnerabilities in tar affect Ubuntu and Mageia systems. • Attackers can exploit these flaws to overwrite files or inject hidden malicious files. • Patches for the vulnerabilities were released on June 2, 2026.

ThreatCluster AI

Timeline

2025-03-27
CVE-2024-12905 published
A vulnerability in tar-fs allows file overwriting outside the intended directory.
Ubuntu
2025-06-02
CVE-2025-48387 published
Another tar-fs vulnerability allows improper validation of extraction paths.
Ubuntu
2025-09-24
CVE-2025-59343 published
A symlink validation bypass vulnerability in tar-fs is disclosed.
Ubuntu
2026-06-02
CVE-2026-5704 published
Mageia issues a security advisory for a flaw in tar allowing hidden file injection.
Linuxsecurity
2026-06-02
Patches released for tar vulnerabilities
Security updates addressing the vulnerabilities in tar were released for affected systems.
Linuxsecurity

Community

Browse all →