CLSA-2026-1777969769 bzip2: Fix of CVE-2019-12900

CVE-2019-12900: fix out-of-bounds write in BZ2decompress many selectors...

Advisory ROSA-SA-2025-3045

Software: bzip2 1.0.6 OS: ROSA Virtualization 3.1 unaffected versions = bzip2-1.0.6-28.rv31 affected versions bzip2-1.0.6-28.rv31 CVE-ID: CVE-2019-12900 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BZ2decompress decompress.c function of the bzip2 data compression utility is related to...

bzip2 security update

1.0.6-27.0.1 - CVE-2019-12900: Accept as many selectors as the file format allows Orabug: 37266061 1.0.6-27 - Fixes out of bounds access in BZ2decompress RHEL-64929...

Low: bzip2 security update

The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fixes: bzip2: out-of-bounds write in function BZ2decompress CVE-2019-12900 For more...

K68713584: bzip2 vulnerability CVE-2019-12900

Security Advisory Description BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-12900 Impact BIG-IP AAM If an iSession tunnel is configured with an iSession profile that has bzip2 compression enabled, an attacker using speciall...

SUSE CVE-2019-12900

BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors...

Mageia: Security Advisory (MGASA-2019-0328)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OSV-2022-39 Stack-buffer-overflow in BZ2_decompress

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43564 Crash type: Stack-buffer-overflow READ 1 Crash state: BZ2decompress BZ2bzDecompress ftbzip2filefilloutput...

OSV-2020-791 UNKNOWN READ in BZ2_decompress

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15639 Crash type: UNKNOWN READ Crash state: BZ2decompress BZ2bzDecompress ftbzip2filefilloutput...

CVE-2019-12900

A data integrity error was found in the Linux Kernel's bzip2 functionality when decompressing. This issue occurs when a user decompresses a particular kind of .bz2 files. A local user could get unexpected results or corrupted data as result of decompressing these files...

CVE-2019-12900

BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors...

DEBIAN-CVE-2019-12900

BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors...

Out-of-bounds

BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors...

CVE-2019-12900

CVE-2019-12900 affects bzip2 up to 1.0.6. The vulnerability is an out-of-bounds write in BZ2_decompress (decompress.c) when there are many selectors, potentially causing memory corruption. Public notices list multiple vendor advisories (e.g., Rocky Linux/AlmaLinux, Debian/Ubuntu, OpenSUSE, Amazon...

CVE-2019-12900

BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors...

karchive/karchive_fuzzer: Index-out-of-bounds in BZ2_decompress

Project: git://anongit.kde.org/karchive Detailed report: https://oss-fuzz.com/testcase?key=5204259928276992 Project: karchive Fuzzer: libFuzzerkarchivefuzzer Fuzz target binary: karchivefuzzer Job Type: libfuzzerubsankarchive Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash...

minizip/unzip_fuzzer: Index-out-of-bounds in BZ2_decompress

Project: https://github.com/nmoinvaz/minizip.git Detailed report: https://oss-fuzz.com/testcase?key=5714988497371136 Project: minizip Fuzzer: libFuzzerminizipunzipfuzzer Fuzz target binary: unzipfuzzer Job Type: libfuzzerubsanminizip Platform Id: linux Crash Type: Index-out-of-bounds Crash Addres...

PHP 7.0.8 / 5.6.23 / 5.5.37 - bzread() Out-of-Bounds Write

Exploit for php platform in category dos / poc ''' PHP 7.0.8, 5.6.23 and 5.5.37 does not perform adequate error handling in its bzread' function: php-7.0.8/ext/bz2/bz2.c ,---- | 364 static PHPFUNCTIONbzread | 365 | ... | 382 ZSTRLENdata = phpstreamreadstream, ZSTRVALdata, ZSTRLENdata; | 383...

Oracle: Security Advisory (ELSA-2010-0858)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : bzip2 (openSUSE-SU-2010:0684-1)

This update fixes an integer overflow in the BZ2decompress function of bzip2/libbz2. This can be exploited via a crafted archive to cause a denial of service or even execute arbitrary code. CVE-2010-0405 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...