It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could supply a specially crafted file and cause tar to crash, resulting in a denial of service