RLSA-2026:20568 Important: jmc security update

JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...

CLSA-2026-1777307383 lz4: Fix of CVE-2021-3520

CVE-2021-3520: Fix potential memory corruption with negative memmove size...

UBUNTU-CVE-2025-62813

LZ4 through 1.10.0 allows attackers to cause a denial of service application crash or possibly have unspecified other impact when the application processes untrusted LZ4 frames. For example, LZ4FcreateCDictadvanced in lib/lz4frame.c mishandles NULL checks...

UBUNTU-CVE-2022-49078

In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4decompresssafepartial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compresse...

CLSA-2023-1695326199 lz4: Fix of CVE-2021-3520

CVE-2021-3520: Fix potential memory corruption with negative memmove size...

SUSE CVE-2019-17543

LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that call LZ4compressfast with a large input. This issue can also lead to data corruption. NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."...

lz4: memory corruption due to an integer overflow bug caused by memmove argument

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

UBUNTU-CVE-2021-3520

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

List of Security Fixes and Improvements in Veeam Agent for Linux

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Agent for Linux. The goal of this article is to provide our customers' security and compliance teams with the detailed information on security improvements between releases, in...

DEBIAN-CVE-2019-17543

LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that call LZ4compressfast with a large input. This issue can also lead to data corruption. NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."...