zlib: Out-of-bound pointer arithmetic in inftrees.c

🗓️ 02 Jun 2025 21:24:57Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 7 Views

Zlib inftrees.c vulnerability: pointer arithmetic before allocated memory causes undefined behavior.

Reporter	Title	Published	Views	Family All 413
IBM Security Bulletins	Security Bulletin: Mutiple vulnerabilities in zlib affect IBM ILOG CPLEX Optimization Studio	16 Jun 201813:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime IBM affect IBM Decision Optimization Center and IBM ILOG ODM Enterprise	16 Jun 201813:48	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM Java Runtime affects Rational Publishing Engine	17 Jun 201805:22	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in zlib affect IBM Sterling Connect:Direct for Microsoft Windows (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843)	24 Jul 202022:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Directory Server	11 Jan 201916:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium	16 Jun 201822:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection	16 Jun 201822:00	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK 7 affect IBM Systems Director.	18 Jun 201801:37	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects Rational Reporting for Development Intelligence	17 Jun 201805:23	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	8	aarch64	rsync	0:3.1.3-23.el8_10	rsync-0:3.1.3-23.el8_10.aarch64.rpm
Red Hat Enterprise Linux	8	ppc64le	rsync	0:3.1.3-23.el8_10	rsync-0:3.1.3-23.el8_10.ppc64le.rpm
Red Hat Enterprise Linux	8	s390x	rsync	0:3.1.3-23.el8_10	rsync-0:3.1.3-23.el8_10.s390x.rpm
Red Hat Enterprise Linux	8	x86_64	rsync	0:3.1.3-23.el8_10	rsync-0:3.1.3-23.el8_10.x86_64.rpm
Red Hat Enterprise Linux	8	any	rsync-daemon	0:3.1.3-23.el8_10	rsync-daemon-0:3.1.3-23.el8_10.noarch.rpm
Red Hat Enterprise Linux	8	aarch64	rsync-debuginfo	0:3.1.3-23.el8_10	rsync-debuginfo-0:3.1.3-23.el8_10.aarch64.rpm
Red Hat Enterprise Linux	8	ppc64le	rsync-debuginfo	0:3.1.3-23.el8_10	rsync-debuginfo-0:3.1.3-23.el8_10.ppc64le.rpm
Red Hat Enterprise Linux	8	s390x	rsync-debuginfo	0:3.1.3-23.el8_10	rsync-debuginfo-0:3.1.3-23.el8_10.s390x.rpm
Red Hat Enterprise Linux	8	x86_64	rsync-debuginfo	0:3.1.3-23.el8_10	rsync-debuginfo-0:3.1.3-23.el8_10.x86_64.rpm
Red Hat Enterprise Linux	8	aarch64	rsync-debugsource	0:3.1.3-23.el8_10	rsync-debugsource-0:3.1.3-23.el8_10.aarch64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2016-9840
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
docs	www.docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-9840
wiki	www.wiki.mozilla.org/images/0/09/Zlib-report.pdf
cve	www.cve.org/CVERecord

25 Mar 2026 00:03Current

7.3High risk

Vulners AI Score7.3

CVSS 26.8

CVSS 3.18.8

EPSS0.04793

zlib inftrees.c pointer arithmetic undefined behavior allocated memory unix