libbzip3.so is vulnerable to Out-of-Bounds Reads. The vulnerability exists in libbz3.c
via the bz3_decode_block
which allows an attacker to perform out-of bound reads causing an application crash.
github.com/advisories/GHSA-qrqf-2crr-jvqf
github.com/kspalaiologos/bzip3/commit/8ec8ce7d3d58bf42dabc47e4cc53aa27051bd602
github.com/kspalaiologos/bzip3/compare/1.2.2...1.2.3
github.com/kspalaiologos/bzip3/issues/92
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JLSE25SV7K2NB6FTFT4UHJOJUHBHYHY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA7S7HDUAINOTCSWQZ5LIW756DYY22V2/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMLFV2FJK3CM7NJLVPZI5RUAFQZICPWW/
lists.fedoraproject.org/archives/list/[email protected]/message/4JLSE25SV7K2NB6FTFT4UHJOJUHBHYHY/
lists.fedoraproject.org/archives/list/[email protected]/message/NA7S7HDUAINOTCSWQZ5LIW756DYY22V2/
lists.fedoraproject.org/archives/list/[email protected]/message/NMLFV2FJK3CM7NJLVPZI5RUAFQZICPWW/