Lucene search

K
f5F5F5:K15512
HistoryAug 18, 2014 - 12:00 a.m.

K15512 : LZO decompressor vulnerability CVE-2014-4608

2014-08-1800:00:00
my.f5.com
32

AI Score

5.5

Confidence

High

EPSS

0.011

Percentile

84.6%

Security Advisory Description

DISPUTED Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says “the Linux kernel is not affected; media hype.”
(
CVE-2014-4608
)
Impact
None. No F5 products are vulnerable to this vulnerability.