A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.
Maintainers, please stabilize tar >=1.33
New GLSA request filed.
This issue was resolved and addressed in
GLSA 202105-29 at https://security.gentoo.org/glsa/202105-29
by GLSA coordinator Thomas Deutschmann (whissi).