Design/Logic Flaw

Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

Heap overflow

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

Heap overflow

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopyop, ip, copyend, don’t exceed the destination buffer’s limits. This issu...

UBUNTU-CVE-2021-42387

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

UBUNTU-CVE-2021-42388

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

Design/Logic Flaw

Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

Design/Logic Flaw

Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

UBUNTU-CVE-2021-43305

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopyop, ip, copyend, don’t exceed the destination buffer’s limits. This issu...

Heap overflow

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

CVE-2021-42387

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

CVE-2021-42391

CVE-2021-42391 affects ClickHouse through a divide-by-zero flaw in the Gorilla compression codec. The vulnerability arises when parsing a malicious query: the first byte of the compressed buffer is used in a modulo operation without validating for zero, potentially causing denial of service. The ...

CVE-2021-42391

Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

CVE-2021-42391

Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

CVE-2021-42390

Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

CVE-2021-42390

ClickHouse DeltaDouble compression codec vulnerability (CVE-2021-42390) arises from a divide-by-zero when the first byte of a compressed buffer is used in a modulo operation without zero-checking. It is exploited during parsing a malicious query, potentially causing a denial-of-service. The issue...

CVE-2021-42390

Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

CVE-2021-42389

Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

CVE-2021-42389

CVE-2021-42389 affects ClickHouse’s Delta compression codec. The vulnerability is a divide-by-zero: during parsing a malicious query, the first byte of the compressed buffer is used in a modulo operation without checking for 0. The issue is tied to the Delta codec, as described in multiple source...

CVE-2021-42389

Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

CVE-2021-43305

Summary : CVEs 2021-43304 and 2021-43305 describe heap/ buffer issues in ClickHouse’s LZ4 compression codec during parsing of crafted queries, due to unsafe copy bounds in LZ4::decompressImpl and the wildCopy function. The connected documents confirm a related set of advisories and mitigations ac...