CVE-2026-54417
Status: Received - Intake
Integer Overflow in microtar Leading to DoS via Malicious Tar Archive

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c

Description
An integer overflow in the mtar_next() function in src/microtar.c in rxi microtar 0.1.0 allows a remote attacker to cause a denial of service (uncontrolled CPU consumption / infinite loop) via a crafted tar archive. mtar_next() computes the offset to the next record as round_up(h.size, 512) + sizeof(mtar_raw_header_t) using 32-bit arithmetic. When the header size field is a multiple of 512 in the range 0xFFFFFC01-0xFFFFFE00 (e.g. 0xFFFFFE00), the addition wraps to 0, so mtar_next() seeks to the current record position instead of advancing. As a result, mtar_find() and any loop that iterates entries with mtar_next() repeat indefinitely over the same record, hanging the process at 100% CPU with no recovery.
Meta Information
Published: 2026-06-17
Last Modified: 2026-06-17
Generated: 2026-06-17
AI Q&A: 2026-06-17
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: rxi
Product: microtar
Version / Range: 0.1.0
CWE ID and Description
CWE-835: The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
CWE-190: The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Executive Summary

This vulnerability is an integer overflow in the mtar_next() function of the microtar library, version 0.1.0. The function calculates the offset to the next tar record using 32-bit arithmetic. When the header size field lies in the range 0xFFFFFC01 to 0xFFFFFE00 (so that rounding it up to a multiple of 512 yields 0xFFFFFE00), adding the 512-byte header size wraps the result to zero. mtar_next() then seeks to the current record position instead of advancing to the next one.

As a result, mtar_find() and any loop that iterates over entries with mtar_next() repeatedly process the same record, so the process hangs at 100% CPU indefinitely, a denial of service.

Impact Analysis

This vulnerability can cause a denial of service by making the affected application enter an infinite loop with uncontrolled CPU consumption. Specifically, when processing a crafted tar archive exploiting this integer overflow, the application will hang and use 100% CPU without recovery.

This can disrupt normal operations, degrade system performance, and potentially cause service outages in any system or application using the vulnerable microtar library to process tar archives.

Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-54417 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

However, since the vulnerability allows a remote attacker to cause a denial of service via uncontrolled CPU consumption or infinite loop when processing crafted tar archives, it could indirectly affect system availability.

Availability is a key aspect of many compliance frameworks, so systems relying on the microtar library might face challenges in meeting availability requirements if exploited.

No information is provided about data confidentiality or integrity impacts that would more directly relate to regulations like GDPR or HIPAA.

Detection Guidance

This vulnerability causes a denial of service by making the process hang at 100% CPU usage due to an infinite loop when processing a crafted tar archive.

Detection can be done by monitoring processes that use the microtar library for unusually high CPU consumption or for hanging while handling tar files; a process that stays at 100% CPU and never completes an archive scan matches this vulnerability's symptom.

The available information provides no specific commands for detecting this vulnerability directly.

Mitigation Strategies

The provided information does not include specific mitigation steps or patches for this vulnerability.

As a general precaution, avoid processing untrusted or crafted tar archives with the vulnerable version of the microtar library (0.1.0) until an update or patch is available.
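The following C program is an added illustration and is not microtar's source code. It models the offset arithmetic from the Description section (round_up(h.size, 512) + sizeof(mtar_raw_header_t) in 32-bit arithmetic) beside a checked variant of the kind the Mitigation Strategies section leaves unspecified: compute in 64 bits, reject any size whose next-record offset does not fit in 32 bits, and refuse a traversal step that does not move forward. The round-up helper, the header and block size constants, and the sample size values are assumptions modelled on the description, not copied from the library.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed constants: a tar header block and the record padding unit are both 512 bytes. */
#define RAW_HEADER_SIZE 512u
#define BLOCK_SIZE 512u

/* Round n up to a multiple of incr in 32-bit unsigned arithmetic.
 * Assumed helper in the style the advisory describes, not microtar's own source. */
static uint32_t round_up32(uint32_t n, uint32_t incr) {
    return n + (incr - n % incr) % incr;
}

/* Vulnerable offset computation as the advisory describes it: padded entry size
 * plus header size, in 32-bit arithmetic, with no overflow check. */
uint32_t next_offset_vulnerable(uint32_t size) {
    return round_up32(size, BLOCK_SIZE) + RAW_HEADER_SIZE;
}

/* True when the vulnerable computation yields 0, i.e. the reader would seek to
 * the record it is already on and loop there forever. */
bool vulnerable_stalls(uint32_t size) {
    return next_offset_vulnerable(size) == 0;
}

/* Hardened variant: do the arithmetic in 64 bits and reject any size whose
 * next-record offset would not fit in 32 bits. Returns -1 on rejection. */
int64_t next_offset_checked(uint32_t size) {
    uint64_t padded = ((uint64_t)size + (BLOCK_SIZE - 1)) & ~(uint64_t)(BLOCK_SIZE - 1);
    uint64_t n = padded + RAW_HEADER_SIZE;
    if (n > UINT32_MAX) return -1;
    return (int64_t)n;
}

/* One traversal step with a forward-progress check: a parser that never accepts
 * a "next" position at or before the current one cannot spin in place.
 * Returns the new position, or -1 if the step is rejected. */
int64_t step_checked(uint32_t pos, uint32_t size) {
    int64_t n = next_offset_checked(size);
    if (n < 0) return -1;
    uint64_t np = (uint64_t)pos + (uint64_t)n;
    if (np > UINT32_MAX || np <= pos) return -1;
    return (int64_t)np;
}

int main(void) {
    /* Constructed header size values: a normal file plus the boundaries from the advisory. */
    const uint32_t samples[] = { 100u, 0xFFFFFC00u, 0xFFFFFC01u, 0xFFFFFE00u, 0xFFFFFE01u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t size = samples[i];
        int64_t checked = next_offset_checked(size);
        printf("size=0x%08X vulnerable_offset=0x%08X stalls=%s checked=%s\n",
               size, next_offset_vulnerable(size),
               vulnerable_stalls(size) ? "yes" : "no",
               checked < 0 ? "rejected" : "accepted");
    }
    return 0;
}
```

Sizes from 0xFFFFFC01 through 0xFFFFFE00 all round up to 0xFFFFFE00, and adding 512 wraps to 0 in 32 bits, which is the stall; 0xFFFFFE01 wraps inside the round-up itself and yields a 512-byte step instead, which is wrong but not a stall. The checked variant rejects both, and the forward-progress test in step_checked is the cheap invariant a caller can enforce even without touching the offset arithmetic.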
