PT-2026-25910

Summary Decompressing invalid LZ4 data can leak data from uninitialized memory, or can leak content from previous decompression operations when reusing an output buffer. Details The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from the...

zstd:block_decompress: Heap-buffer-overflow in ZSTD_copy16

Project: https://github.com/facebook/zstd.git Detailed Report: https://oss-fuzz.com/testcase?key=5738666286120960 Project: zstd Fuzzing Engine: libFuzzer Fuzz Target: blockdecompress Job Type: libfuzzerasanzstd Platform Id: linux Crash Type: Heap-buffer-overflow READ 16 Crash Address:...