Описание
Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.631-1+deb9u3build0.18.04.1 |
| devel | not-affected | 0.651-2 |
| esm-apps/bionic | released | 0.631-1+deb9u3build0.18.04.1 |
| esm-apps/focal | released | 0.631+git180528-1+deb10u1build0.20.04.1 |
| esm-apps/jammy | not-affected | 0.651-2 |
| esm-apps/noble | not-affected | 0.651-2 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | needed | |
| focal | released | 0.631+git180528-1+deb10u1build0.20.04.1 |
| groovy | ignored | end of life |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.
Use after free in lzma_decompress_buf function in stream.c in Irzip 0. ...
Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.
Уязвимость функции lzma_decompress_buf компонента stream.c программы сжатия Lrzip, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3