8 matches found
CVE-2022-26291
lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaqdecompressbuf and clearrulist. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted Irz file...
Ubuntu: Security Advisory (USN-5840-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Long Range ZIP vulnerabilities (USN-5840-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5840-1 advisory. It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked int...
[SECURITY] [DSA 5145-1] lrzip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5145-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 24, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2981-1] lrzip security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2981-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler April 13, 2022 https://wiki.debian.org/LTS -...
CVE-2022-26291
lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaqdecompressbuf and clearrulist. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted Irz file...
CVE-2022-26291
CVE-2022-26291 affects lrzip, where a concurrency use-after-free between zpaq_decompress_buf() and clear_rulist() can cause a Denial of Service via a crafted lrz file. The issue is confirmed in Debian/Ubuntu advisories: fixed in lrzip 0.641-1+deb11u1 (Bullseye) and related backports, with earlier...
CVE-2022-26291
lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaqdecompressbuf and clearrulist. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted Irz file...