Lucene search
Ubuntu.comUB:CVE-2018-25032HistoryMar 25, 2022 - 12:00 a.m.
CVE-2018-25032
2022-03-2500:00:00
ubuntu.com
ubuntu.com
32
0.003 Low
EPSS
Percentile
68.2%
zlib before 1.2.12 allows memory corruption when deflating (i.e., when
compressing) if the input has many distant matches.
Notes
| Author | Note |
|---|---|
| mdeslaur | since 3.1.3-7, rsync builds with the system zlib |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | klibc | < 2.0.4-9ubuntu2.2+esm1 | UNKNOWN |
| ubuntu | 20.04 | noarch | klibc | < 2.0.7-1ubuntu5.2 | UNKNOWN |
| ubuntu | 22.04 | noarch | klibc | < 2.0.10-4ubuntu0.1 | UNKNOWN |
| ubuntu | 23.10 | noarch | klibc | < 2.0.13-1ubuntu0.1 | UNKNOWN |
| ubuntu | 24.04 | noarch | klibc | < 2.0.13-4ubuntu0.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | klibc | < 2.0.3-0ubuntu1.14.04.3+esm3 | UNKNOWN |
| ubuntu | 16.04 | noarch | klibc | < 2.0.4-8ubuntu1.16.04.4+esm2 | UNKNOWN |
| ubuntu | 20.04 | noarch | mariadb-10.3 | < 1:10.3.37-0ubuntu0.20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | mariadb-10.6 | < 1:10.6.11-0ubuntu0.22.04.1 | UNKNOWN |
| ubuntu | 22.10 | noarch | mariadb-10.6 | < 1:10.6.9-1 | UNKNOWN |
References
github.com/madler/zlib/issues/605
launchpad.net/bugs/cve/CVE-2018-25032
nvd.nist.gov/vuln/detail/CVE-2018-25032
security-tracker.debian.org/tracker/CVE-2018-25032
ubuntu.com/security/notices/USN-5355-1
ubuntu.com/security/notices/USN-5355-2
ubuntu.com/security/notices/USN-5359-1
ubuntu.com/security/notices/USN-5359-2
ubuntu.com/security/notices/USN-5739-1
ubuntu.com/security/notices/USN-6736-1
ubuntu.com/security/notices/USN-6736-2
www.cve.org/CVERecord?id=CVE-2018-25032
www.openwall.com/lists/oss-security/2022/03/24/1
Related
nessus
nessus
Rocky Linux 8 : rsync (RLSA-2022:2201)
2023-11-07 00:00:00
AlmaLinux 9 : rsync (ALSA-2022:4592)
2022-11-16 00:00:00
Amazon Linux AMI : zlib (ALAS-2022-1602)
2022-07-08 00:00:00
osv
osv
Nokogiri affected by zlib's Out-of-bounds Write vulnerability
2022-03-26 00:00:33
zlib vulnerability
2022-03-30 16:31:36
Important: mingw-zlib security update
2022-11-15 00:00:00
debian
debian
[SECURITY] [DLA 2993-1] libz-mingw-w64 security update
2022-05-07 13:29:14
[SECURITY] [DSA 5111-1] zlib security update
2022-04-01 15:21:03
[SECURITY] [DLA 2968-1] zlib security update
2022-04-02 21:16:25
prion
prion
Memory corruption
2022-03-25 09:15:00
oraclelinux
oraclelinux
zlib security update
2022-04-28 00:00:00
zlib security update
2022-05-12 00:00:00
zlib security update
2022-06-30 00:00:00
debiancve
debiancve
CVE-2018-25032
2022-03-25 09:15:00
qt
qt
Security advisory: Recently reported zlib compression issue impacts Qt
2022-04-05 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2968-1)
2022-04-03 00:00:00
Debian: Security Advisory (DSA-5111-1)
2022-04-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1043-1)
2022-03-31 00:00:00
rocky
rocky
rsync security update
2022-05-11 13:23:26
zlib security update
2022-04-28 14:07:14
fedora
fedora
[SECURITY] Fedora 34 Update: rsync-3.2.3-6.fc34
2022-04-29 06:56:42
[SECURITY] Fedora 36 Update: zlib-1.2.11-32.fc36
2022-08-14 02:39:31
[SECURITY] Fedora 35 Update: rsync-3.2.3-9.fc35
2022-04-18 17:14:58
aix
aix
AIX is vulnerable to denial of service due to zlib and zlibNX
2022-09-28 13:38:50
ubuntu
ubuntu
rsync vulnerability
2022-06-13 00:00:00
zlib vulnerability
2022-03-30 00:00:00
rsync vulnerability
2022-03-31 00:00:00
cbl_mariner
cbl_mariner
CVE-2018-25032 affecting package mariadb 10.3.35-1
2022-10-13 00:40:28
CVE-2018-25032 affecting package zlib for versions less than 1.2.12-1
2022-04-26 20:17:02
CVE-2018-25032 affecting package python3 3.7.13-3
2022-12-27 17:55:44
cloudlinux
cloudlinux
Fixed CVE-2018-25032 in rsync
2022-05-19 23:55:35
Fixed CVE-2018-25032 in zlib
2022-05-16 13:03:51
redhat
redhat
(RHSA-2022:2214) Important: zlib security update
2022-05-11 15:28:06
(RHSA-2022:4845) Important: zlib security update
2022-05-31 13:17:50
(RHSA-2022:1642) Important: zlib security update
2022-04-28 14:07:14
ibm
ibm
cve
cve
CVE-2018-25032
2022-03-25 09:15:00
wolfi
wolfi
CVE-2018-25032 vulnerabilities
2024-06-01 09:07:38
amazon
amazon
Important: zlib
2022-04-04 23:23:00
Important: zlib
2022-06-30 23:38:00
cloudfoundry
cloudfoundry
USN-5359-1: rsync vulnerability | Cloud Foundry
2022-05-23 00:00:00
cgr
cgr
CVE-2018-25032 vulnerabilities
2024-05-19 03:07:16
archlinux
archlinux
[ASA-202204-3] zlib: arbitrary code execution
2022-04-04 00:00:00
freebsd
freebsd
FreeBSD -- zlib compression out-of-bounds write
2022-04-06 00:00:00
almalinux
almalinux
Important: rsync security update
2022-05-11 13:23:26
Important: mingw-zlib security update
2022-11-08 00:00:00
github
github
Out-of-bounds Write in zlib affects Nokogiri
2022-04-11 21:21:28
owncloud
owncloud
Security updates in Desktop Client - ownCloud
2022-05-23 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-22:08.zlib
2022-04-06 00:00:00
redhatcve
redhatcve
CVE-2018-25032
2022-03-28 04:47:54
suse
suse
Security update for zlib (important)
2022-03-30 00:00:00
f5
f5
K21548854 : zlib vulnerability CVE-2018-25032
2022-05-19 00:00:00
alpinelinux
alpinelinux
CVE-2018-25032
2022-03-25 09:15:00
slackware
slackware
[slackware-security] zlib
2022-03-28 19:37:07
veracode
veracode
Denial Of Service (DoS)
2022-03-28 14:06:56
centos
centos
minizip, zlib security update
2022-05-13 17:32:57