Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Fedora 42 bpfman Important tar-rs Permission Mod Update 2026-b4d393799a

fedora
Calendar Grey April 2, 2026
Dist Fedora Esm H88
Fix for CVE-2026-33056 in bpfman on Fedora 42 improves permission issues caused by tar archives.
Fix CVE-2026-33056 (tar-rs 0.4.45); Closes rhbz#2449672

Summary

bpfman operates as an eBPF manager, focusing on simplifying the deployment and

administration of eBPF programs.

Update Information:

Fix CVE-2026-33056 (tar-rs 0.4.45); Closes rhbz#2449672

Topics%20covered

Topics Covered

security advisory fedora important eBPF permission modification tar-rs

Change Log

* Tue Mar 24 2026 Daniel Mellado - 0.5.4-6 - Fix CVE-2026-33056 (tar-rs 0.4.45); Closes rhbz#2449672 * Tue Mar 24 2026 Daniel Mellado - 0.5.4-5 - Fix CVE-2026-31812: Bump tar-rs to .5.45 - Closes rhbz#2449672 * Tue Mar 24 2026 Daniel Mellado - 0.5.4-4 - Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes rhbz#2446359

References


[ 1 ] Bug #2449672 - CVE-2026-33056 bpfman: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449672

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b4d393799a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: bpfman
Product: Fedora 42
Version: 0.5.4
Release: 6.fc42
URL: https://bpfman.io
Summary: EBPF Program Manager

Topics%20covered

Topics Covered

security advisory fedora important eBPF permission modification tar-rs

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here