ALT-PU-2022-1706-1
Closed vulnerabilities
Published: 2022-03-23
BDU:2022-01641
Уязвимость библиотеки zlib, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (8.2)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
References:
Published: 2022-03-25
Modified: 2025-03-28
Modified: 2025-03-28
CVE-2018-25032
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- [oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)
- https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://github.com/madler/zlib/issues/605
- https://github.com/madler/zlib/issues/605
- [debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update
- [debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update
- [debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update
- [debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update
- FEDORA-2022-b58a85e167
- FEDORA-2022-b58a85e167
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-3a92250fd5
- FEDORA-2022-3a92250fd5
- FEDORA-2022-413a80a102
- FEDORA-2022-413a80a102
- FEDORA-2022-12b89e2aad
- FEDORA-2022-12b89e2aad
- FEDORA-2022-dbd2935e44
- FEDORA-2022-dbd2935e44
- GLSA-202210-42
- GLSA-202210-42
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://security.netapp.com/advisory/ntap-20220729-0004/
- https://security.netapp.com/advisory/ntap-20220729-0004/
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- https://support.apple.com/kb/HT213257
- DSA-5111
- DSA-5111
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html