zlib before 1.2.12 allows memory corruption when deflating (i.e., when
compressing) if the input has many distant matches.
Author | Note |
---|---|
mdeslaur | since 3.1.3-7, rsync builds with the system zlib |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | klibc | < 2.0.4-9ubuntu2.2+esm1 | UNKNOWN |
ubuntu | 20.04 | noarch | klibc | < 2.0.7-1ubuntu5.2 | UNKNOWN |
ubuntu | 22.04 | noarch | klibc | < 2.0.10-4ubuntu0.1 | UNKNOWN |
ubuntu | 23.10 | noarch | klibc | < 2.0.13-1ubuntu0.1 | UNKNOWN |
ubuntu | 24.04 | noarch | klibc | < 2.0.13-4ubuntu0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | klibc | < 2.0.3-0ubuntu1.14.04.3+esm3 | UNKNOWN |
ubuntu | 16.04 | noarch | klibc | < 2.0.4-8ubuntu1.16.04.4+esm2 | UNKNOWN |
ubuntu | 20.04 | noarch | mariadb-10.3 | < 1:10.3.37-0ubuntu0.20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | mariadb-10.6 | < 1:10.6.11-0ubuntu0.22.04.1 | UNKNOWN |
ubuntu | 22.10 | noarch | mariadb-10.6 | < 1:10.6.9-1 | UNKNOWN |
github.com/madler/zlib/issues/605
launchpad.net/bugs/cve/CVE-2018-25032
nvd.nist.gov/vuln/detail/CVE-2018-25032
security-tracker.debian.org/tracker/CVE-2018-25032
ubuntu.com/security/notices/USN-5355-1
ubuntu.com/security/notices/USN-5355-2
ubuntu.com/security/notices/USN-5359-1
ubuntu.com/security/notices/USN-5359-2
ubuntu.com/security/notices/USN-5739-1
ubuntu.com/security/notices/USN-6736-1
ubuntu.com/security/notices/USN-6736-2
www.cve.org/CVERecord?id=CVE-2018-25032
www.openwall.com/lists/oss-security/2022/03/24/1