JLSEC-2025-10 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denia...

Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service crash via a crafted bzip2 file, related to block ends set to before the start of the block...

Amazon Linux 2 : bzip2 (ALAS-2021-1652)

The version of bzip2 installed on the remote host is prior to 1.0.6-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1652 advisory. BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-12900 Tenabl...

CVE-2019-12900

A data integrity error was found in the Linux Kernel's bzip2 functionality when decompressing. This issue occurs when a user decompresses a particular kind of .bz2 files. A local user could get unexpected results or corrupted data as result of decompressing these files...

CVE-2019-12900

CVE-2019-12900 affects bzip2 up to 1.0.6. The vulnerability is an out-of-bounds write in BZ2_decompress (decompress.c) when there are many selectors, potentially causing memory corruption. Public notices list multiple vendor advisories (e.g., Rocky Linux/AlmaLinux, Debian/Ubuntu, OpenSUSE, Amazon...

[SECURITY] Fedora 25 Update: bzip2-1.0.6-21.fc25

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...

[SECURITY] Fedora 13 Update: bzip2-1.0.6-1.fc13

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...