AZL-75366 CVE-2026-24812 affecting package openjpeg2 2.3.1-12

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

AZL-75393 CVE-2026-24812 affecting package openjpeg2 2.3.1-12

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

CVE-2026-24812

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

CVE-2026-24812

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

EUVD-2026-4762

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

PT-2026-4887

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

Root security vulnerabilities

Root is a big data processing tool developed by ROOT OpenSource. Versions of Root 6.36.00-rc1 and earlier have security vulnerabilities. These vulnerabilities stem from a flaw in the zlib component inftrees.C, which may lead to memory corruption...

Azure Linux 3.0 Security Update: fltk (CVE-2016-9840)

The version of fltk installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2016-9840 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging...

MiracleLinux 7 : rsync-3.1.2-12.0.5.el7.AXS7 (AXSA:2025-11113:09)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11113:09 advisory. CVE-2016-9840: fix improper pointer arithmetic in inftrees.c CVEs: CVE-2016-9840 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have...

CLSA-2025-1762544268 rsync: Fix of CVE-2016-9840

CVE-2016-9840: fix improper pointer arithmetic in inftrees.c...

CLSA-2025-1762540173 rsync: Fix of CVE-2016-9840

CVE-2016-9840: fix improper pointer arithmetic in inftrees.c...

zlib: Out-of-bound pointer arithmetic in inftrees.c

A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic operations violate the C standard by subtracting an offset from an array pointer before its allocated memory, leading to undefined behavior...

RHEL 8 : rsync (RHSA-2025:13947)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13947 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...

Incorrect Pointer Scaling

Overview Affected versions of this package are vulnerable to Incorrect Pointer Scaling through the inftrees.c component. An attacker can cause undefined behavior by exploiting improper pointer arithmetic. This is only exploitable if the PCL version is older than 1.14.0 or the user specifically...

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic

...

SUSE CVE-2016-9840

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...

zlib: Out-of-bound pointer arithmetic in inftrees.c

A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic operations violate the C standard by subtracting an offset from an array pointer before its allocated memory, leading to undefined behavior...

zlib: Out-of-bound pointer arithmetic in inftrees.c

A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic operations violate the C standard by subtracting an offset from an array pointer before its allocated memory, leading to undefined behavior...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service application crash via an invalid file that causes a large dynamic tree to be produced. Remediation There is no fixed version for zlib...