3 matches found
CVE-2018-11496
In Long Range Zip aka lrzip 0.631, there is a use-after-free in readstream in stream.c, because decompressfile in lrzip.c lacks certain size validation...
UBUNTU-CVE-2018-11496
In Long Range Zip aka lrzip 0.631, there is a use-after-free in readstream in stream.c, because decompressfile in lrzip.c lacks certain size validation...
CVE-2018-11496
CVE-2018-11496 affects lrzip 0.631, where a use-after-free occurs in read_stream due to missing size validation in decompress_file; Debian DLA-2725-1 fixes this in lrzip 0.631-1+deb9u1, and Ubuntu advisories USN-5171-1/2 indicate fixes for lrzip as part of the security updates. Remediation: upgra...