Download
| Alert*
oval:org.secpod.oval:def:19500171
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, w ... oval:org.secpod.oval:def:73717 The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limits ... oval:org.secpod.oval:def:89047291 This update for lz4 fixes the following issues: - CVE-2021-3520: Fixed memory corruption due to an integer overflow bug caused by memmove argument . oval:org.secpod.oval:def:605537 Jasper Lievisse Adriaanse reported an integer overflow flaw in lz4, a fast LZ compression algorithm library, resulting in memory corruption. oval:org.secpod.oval:def:2500339 The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limits ... oval:org.secpod.oval:def:706021 lz4: Extremely fast compression algorithm LZ4 could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:506230 The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limits ... oval:org.secpod.oval:def:2106754 Oracle Solaris 11 - ( CVE-2021-3520 ) oval:org.secpod.oval:def:73078 lz4: Extremely fast compression algorithm LZ4 could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:4500044 The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limits ... oval:org.secpod.oval:def:89044317 This update for lz4 fixes the following issues: - CVE-2021-3520: Fixed memory corruption due to an integer overflow bug caused by memmove argument . oval:org.secpod.oval:def:1504994 [1.8.3-3] - Fix memory corruption due to an integer overflow _ Resolves: CVE-2021-3520 oval:org.secpod.oval:def:73081 Jasper Lievisse Adriaanse reported an integer overflow flaw in liblz4-dev, a fast LZ compression algorithm library, resulting in memory corruption. |