Search CVE reports
1 – 10 of 10 results
CVE-2023-22895
Medium priorityThe bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.
1 affected package
rust-bzip2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rust-bzip2 | Needs evaluation | Vulnerable | Vulnerable | Not in release | Ignored |
CVE-2019-12900
Medium priorityBZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
2 affected packages
bzip2, clamav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | Fixed | Fixed |
clamav | — | — | — | Fixed | Fixed |
CVE-2016-3189
Low prioritySome fixes available 2 of 7
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
1 affected package
bzip2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | Not affected | Fixed |
CVE-2011-4089
Medium priorityThe bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
1 affected package
bzip2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | — | — |
CVE-2010-0405
Medium priorityInteger overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a...
4 affected packages
bzip2, clamav, dpkg, dump
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | — | — |
clamav | — | — | — | — | — |
dpkg | — | — | — | — | — |
dump | — | — | — | — | — |
CVE-2009-1884
Medium priorityOff-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2...
1 affected package
libcompress-raw-bzip2-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libcompress-raw-bzip2-perl | — | — | — | — | — |
CVE-2008-1372
Medium prioritybzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
1 affected package
bzip2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | — | — |
CVE-2005-1260
Unknown prioritybzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
1 affected package
bzip2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | — | — |
CVE-2005-0758
Unknown priorityzgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
2 affected packages
bzip2, gzip
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | — | — |
gzip | — | — | — | — | — |
CVE-2005-0953
Unknown priorityRace condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression...
1 affected package
bzip2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bzip2 | — | — | — | — | — |