33 matches found
Astra Linux - libzstd vulnerability
Starting from v1.4.1 and before v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and then restricted those permissions immediately afterwards. As a result, the output files could temporarily be readable or writab...
Astra Linux - libzstd vulnerability
In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. The correct file permissions matching the input would only be set at the time of completion. As a result, output files could be readable or writable by unintended parties...
Astra Linux - libzstd vulnerability
A vulnerability was discovered in zstd v1.4.10, where an attacker can provide an empty string as an argument to the command-line tool, causing a buffer overflow...
ROOT-OS-DEBIAN-11-CVE-2022-4899 CVE-2022-4899 in rootio-libzstd - Patched by Root
Root has patched CVE-2022-4899 in the rootio-libzstd package for Root:Debian:11. Multiple fixed versions available...
OPENSUSE-SU-2024:11544-1 libzstd-devel-1.5.0-1.13 on GA media
These are all security issues fixed in the libzstd-devel-1.5.0-1.13 package on the GA media of openSUSE Tumbleweed...
Amazon Linux 2023 : libzstd, libzstd-devel, libzstd-static (ALAS2023-2023-244)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-244 advisory. In zstd, supplying an empty string as an argument to either --output-dir-flat or --output-dir-mirror may cause a buffer overrun. CVE-2022-4899 Tenable has extracted the preceding description block...
Buffer Underflow
libzstd.so is vulnerable to Buffer Underflow. The vulnerability is due to not validating the character arguments dir1 and dir2 passed to the mallocAndJoin2Dir function in the util.c file. This can result in a buffer underflow error when an empty string is passed to the dir1 argument causing application to...
Ubuntu: Security Advisory (USN-5720-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5593-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5593-1: Zstandard vulnerability
It was discovered that Zstandard incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...
Ubuntu 18.04 LTS / 20.04 LTS : libzstd vulnerabilities (USN-4760-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4760-1 advisory. It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files,...
USN-4760-1: libzstd vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations. CVEs contained in this USN include:...
Ubuntu: Security Advisory (USN-4760-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4760-1: libzstd vulnerabilities
It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations...
USN-4760-1 libzstd vulnerabilities
It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations...
Debian DSA-4859-1 : libzstd - security update
It was discovered that zstd, a compression utility, was vulnerable to a race condition: it temporarily exposed, during a very short timeframe, a world-readable version of its input even if the original file had restrictive permissions. (C) Tenable Network Security, Inc. The descriptive text and...
Debian: Security Advisory (DSA-4859-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2573-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2573-1] libzstd security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2573-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 20, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4859-1] libzstd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4859-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 20, 2021 https://www.debian.org/security/faq -...