bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | bzip2 | < 1.0.5-0.1 | bzip2_1.0.5-0.1_all.deb |
Debian | 11 | all | bzip2 | < 1.0.5-0.1 | bzip2_1.0.5-0.1_all.deb |
Debian | 10 | all | bzip2 | < 1.0.5-0.1 | bzip2_1.0.5-0.1_all.deb |
Debian | 999 | all | bzip2 | < 1.0.5-0.1 | bzip2_1.0.5-0.1_all.deb |
Debian | 13 | all | bzip2 | < 1.0.5-0.1 | bzip2_1.0.5-0.1_all.deb |