Advisory ROSA-SA-2026-3195

Software: lz4 1.8.3 OS: ROSA Virtualization 2.1 unaffected versions = lz4-1.8.3-5.rv3 affected versions lz4-1.8.3-5.rv3 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer boundaries...

Advisory ROSA-SA-2026-3155

Software: lz4 1.8.3 OS: ROSA Virtualization 3.1 unaffected versions = lz4-1.8.3-5.rv31 affected versions lz4-1.8.3-5.rv31 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 24.0.0-IF008. Vulnerability Details CVEID:CVE-2019-17543 DESCRIPTION: LZ4 before 1.9.2 has a heap-based buffer overflow in...

MiracleLinux 8 : lz4-1.8.3-5.el8_10 (AXSA:2025-10510:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10510:01 advisory. lz4: heap-based buffer overflow in LZ4write32 CVE-2019-17543 Tenable has extracted the preceding description block directly from the MiracleLinux security...

AlmaLinux 8 : lz4 (ALSA-2025:11035)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:11035 advisory. lz4: heap-based buffer overflow in LZ4write32 CVE-2019-17543 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

lz4 security update

An update is available for lz4. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The lz4 packages provide support for LZ4, a very fast, lossless compression...

RLSA-2025:11035 Moderate: lz4 security update

The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limi...

ALSA-2025:11035 Moderate: lz4 security update

The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limi...

Oracle Linux 8 : lz4 (ELSA-2025-11035)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11035 advisory. - Fix CVE-2019-17543 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...

RHEL 8 : lz4 (RHSA-2025:11035)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11035 advisory. The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scal...

lz4 security update

1.8.3-5 - Fix a renamed variable in one of the patches - Since the variable was used in an assert, the regular build did not fail, but the QA builds did. - Related: RHEL-87362 1.8.3-4 - Fix CVE-2019-17543 - Resolves: RHEL-87362...

Linux Distros Unpatched Vulnerability : CVE-2019-17543

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that call LZ4compressfast with a large...

RHEL 7 : lz4 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lz4: heap-based buffer overflow in LZ4write32 CVE-2019-17543 Note that Nessus has not tested for this issue but has...

RHEL 7 : lz4 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - lz4: memory corruption due to an integer overflow bug caused by memmove argument CVE-2021-3520 - LZ4 befo...

CVE-2019-17543

creationtimestamp| type| source ---|---|--- 2024-01-08 12:06:48+00:00| seen| https://t.me/ctinow/164301...

Mageia: Security Advisory (MGASA-2019-0375)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MySQL 8.0.x < 8.0.26 Multiple Vulnerabilities (July 2025 CPU)

The version of MySQL running on the remote host is 8.0.x prior to 8.0.26. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the July 2021 Critical Patch Update advisory: - curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting i...

Oracle MySQL Server <= 5.7.34 / 8.0 <= 8.0.25 Security Update (cpujul2021) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

Oracle MySQL Server <= 5.7.34 / 8.0 <= 8.0.25 Security Update (cpujul2021) - Windows

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

Advisory ROSA-SA-2021-1912

Software: lz4 1.8.3 OS: Cobalt 7.9 CVE-ID: CVE-2019-17543 CVE-Crit: HIGH CVE-DESC: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize affecting applications that call LZ4compressfast with large input. This issue can also cause data corruption. NOTE: the...