Описание
Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | code not present |
| cosmic | not-affected | code not present |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 42.0+build2-0ubuntu1 |
| bionic | not-affected | 42.0+build2-0ubuntu1 |
| cosmic | not-affected | 42.0+build2-0ubuntu1 |
| devel | not-affected | 42.0+build2-0ubuntu1 |
| disco | not-affected | 42.0+build2-0ubuntu1 |
| eoan | not-affected | 42.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [42.0+build2-0ubuntu0.14.04.1]] |
| esm-infra/focal | DNE | |
| focal | not-affected | 42.0+build2-0ubuntu1 |
| groovy | not-affected | 42.0+build2-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | |
| cosmic | ignored | end of life |
| devel | not-affected | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | not-affected | |
| esm-infra/focal | not-affected | |
| esm-infra/xenial | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | code not present |
| cosmic | not-affected | code not present |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 0.0~r131-2 |
| bionic | not-affected | 0.0~r131-2 |
| cosmic | not-affected | 0.0~r131-2 |
| devel | not-affected | 0.0~r131-2 |
| disco | not-affected | 0.0~r131-2 |
| eoan | not-affected | 0.0~r131-2 |
| esm-infra-legacy/trusty | released | 0.0~r114-2ubuntu1+esm1 |
| esm-infra/bionic | not-affected | 0.0~r131-2 |
| esm-infra/focal | not-affected | 0.0~r131-2 |
| esm-infra/xenial | not-affected | 0.0~r131-2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | code not present |
| cosmic | not-affected | code not present |
| devel | DNE | |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| eoan | not-affected | |
| esm-apps/bionic | not-affected | |
| esm-apps/focal | not-affected | |
| esm-apps/jammy | not-affected | |
| esm-apps/xenial | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:38.3.0+build1-0ubuntu2 |
| bionic | not-affected | 1:38.3.0+build1-0ubuntu2 |
| cosmic | not-affected | 1:38.3.0+build1-0ubuntu2 |
| devel | not-affected | 1:38.3.0+build1-0ubuntu2 |
| disco | not-affected | 1:38.3.0+build1-0ubuntu2 |
| eoan | not-affected | 1:38.3.0+build1-0ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1:38.4.0+build3-0ubuntu0.14.04.1]] |
| esm-infra/focal | DNE | |
| focal | not-affected | 1:38.3.0+build1-0ubuntu2 |
| groovy | not-affected | 1:38.3.0+build1-0ubuntu2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.
Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.
Yann Collet LZ4 before r119, when used on certain 32-bit platforms tha ...
Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.
Уязвимость алгоритма сжатия данных без потерь LZ4, связанная с ошибками обработки чисел, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5 Medium
CVSS2