GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability

"GNU Tar and GNU Cpio are prone to a remote buffer-overflow
vulnerability because the applications fail to perform adequate boundary
checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the
privileges of the user running the affected application. Failed exploit
attempts will result in a denial-of-service condition.

This issue affects the following:

GNU Tar versions prior to 1.23
GNU Cpio versions prior to 2.11 "

It is recommended that tar and cpio be updated to the latest available
packages. For RHEL systems, this was fixed in: