Search CVE reports
1 – 4 of 4 results
CVE-2021-3520
Medium priorityThere's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds...
1 affected packages
lz4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lz4 | — | Not affected | Fixed | Fixed | Fixed |
CVE-2019-17543
Low priorityLZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the...
1 affected packages
lz4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lz4 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2014-4715
Medium prioritySome fixes available 1 of 56
Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory...
10 affected packages
eet, efl, firefox, grub2, gtkwave...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eet | — | Not in release | Not in release | Not in release | Not in release |
| efl | — | Not affected | Not affected | Not affected | Not affected |
| firefox | — | Not affected | Not affected | Not affected | Not affected |
| grub2 | — | Not affected | Not affected | Not affected | Not affected |
| gtkwave | — | Not affected | Not affected | Not affected | Not affected |
| lz4 | — | Not affected | Not affected | Not affected | Not affected |
| php-horde-lz4 | — | Not in release | Not in release | Not affected | Not affected |
| pytables | — | Not affected | Not affected | Not affected | Not affected |
| thunderbird | — | Not affected | Not affected | Not affected | Not affected |
| zfsutils | — | Not in release | Not in release | Not in release | Not in release |
CVE-2014-4611
Medium prioritySome fixes available 5 of 14
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow...
74 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.11, linux-aws-5.3...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | Not affected | Not affected | Not affected |
| linux-aws | — | — | Not affected | Not affected | Not affected |
| linux-aws-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-aws-5.11 | — | — | Not affected | Not in release | Not in release |
| linux-aws-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-aws-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-aws-5.8 | — | — | Not affected | Not in release | Not in release |
| linux-aws-hwe | — | — | Not in release | Not in release | Not affected |
| linux-azure | — | — | Not affected | Not affected | Not affected |
| linux-azure-4.15 | — | — | Not in release | Not affected | Not in release |
| linux-azure-5.11 | — | — | Not affected | Not in release | Not in release |
| linux-azure-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-azure-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-azure-5.8 | — | — | Not affected | Not in release | Not in release |
| linux-azure-edge | — | — | Not in release | Not affected | Not in release |
| linux-bluefield | — | — | Not affected | Not in release | Not in release |
| linux-dell300x | — | — | Not in release | Not affected | Not in release |
| linux-ec2 | — | — | Not in release | Not in release | Not in release |
| linux-euclid | — | — | Not in release | Not in release | Not affected |
| linux-flo | — | — | Not in release | Not in release | Not affected |
| linux-fsl-imx51 | — | — | Not in release | Not in release | Not in release |
| linux-gcp | — | — | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | — | — | Not in release | Not affected | Not in release |
| linux-gcp-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-gcp-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-gcp-5.8 | — | — | Not affected | Not in release | Not in release |
| linux-gcp-edge | — | — | Not in release | Not affected | Not in release |
| linux-gke | — | — | Not affected | Not in release | Ignored |
| linux-gke-4.15 | — | — | Not in release | Not affected | Not in release |
| linux-gke-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-gke-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-gke-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-gkeop | — | — | Not affected | Not in release | Not in release |
| linux-gkeop-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-goldfish | — | — | Not in release | Not in release | Not affected |
| linux-grouper | — | — | Not in release | Not in release | Not in release |
| linux-hwe | — | — | Not in release | Not affected | Not affected |
| linux-hwe-5.11 | — | — | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-hwe-5.8 | — | — | Not affected | Not in release | Not in release |
| linux-hwe-edge | — | — | Not in release | Not affected | Not affected |
| linux-kvm | — | — | Not affected | Not affected | Not affected |
| linux-lts-quantal | — | — | Not in release | Not in release | Not in release |
| linux-lts-raring | — | — | Not in release | Not in release | Not in release |
| linux-lts-saucy | — | — | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | Not in release | Not in release | Not in release |
| linux-lts-utopic | — | — | Not in release | Not in release | Not in release |
| linux-lts-vivid | — | — | Not in release | Not in release | Not in release |
| linux-lts-wily | — | — | Not in release | Not in release | Not in release |
| linux-lts-xenial | — | — | Not in release | Not in release | Not in release |
| linux-maguro | — | — | Not in release | Not in release | Not in release |
| linux-mako | — | — | Not in release | Not in release | Not affected |
| linux-manta | — | — | Not in release | Not in release | Not in release |
| linux-mvl-dove | — | — | Not in release | Not in release | Not in release |
| linux-oem | — | — | Not in release | Not affected | Ignored |
| linux-oem-5.10 | — | — | Not affected | Not in release | Not in release |
| linux-oem-5.13 | — | — | Not affected | Not in release | Not in release |
| linux-oem-5.6 | — | — | Not affected | Not in release | Not in release |
| linux-oem-osp1 | — | — | Not in release | Not affected | Not in release |
| linux-oracle | — | — | Not affected | Not affected | Not affected |
| linux-oracle-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-oracle-5.11 | — | — | Not affected | Not in release | Not in release |
| linux-oracle-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-oracle-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-oracle-5.8 | — | — | Not affected | Not in release | Not in release |
| linux-raspi | — | — | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-raspi2 | — | — | Not affected | Not affected | Not affected |
| linux-raspi2-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-riscv | — | — | Not affected | Not in release | Not in release |
| linux-riscv-5.11 | — | — | Not affected | Not in release | Not in release |
| linux-riscv-5.8 | — | — | Not affected | Not in release | Not in release |
| linux-snapdragon | — | — | Not in release | Not affected | Not affected |
| lz4 | — | — | Not affected | Not affected | Not affected |