Описание
A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.3.3+dfsg-2ubuntu1.1 |
| devel | not-affected | 1.3.8+dfsg-2 |
| disco | not-affected | 1.3.8+dfsg-2 |
| eoan | not-affected | 1.3.8+dfsg-2 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 1.3.3+dfsg-2ubuntu1.1 |
| esm-infra/focal | not-affected | 1.3.8+dfsg-2 |
| esm-infra/xenial | released | 1.3.1+dfsg-1~ubuntu0.16.04.1+esm2 |
| focal | not-affected | 1.3.8+dfsg-2 |
| groovy | not-affected | 1.3.8+dfsg-2 |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.
A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.
A race condition in the one-pass compression functions of Zstandard pr ...
6.8 Medium
CVSS2
8.1 High
CVSS3