An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.
References
Configurations
History
07 Nov 2023, 04:11
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
15 Apr 2023, 04:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Apr 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Apr 2023, 17:16
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/kspalaiologos/bzip3/issues/92 - Exploit, Issue Tracking, Patch | |
References | (MISC) https://github.com/kspalaiologos/bzip3/compare/1.2.3...1.3.0 - Release Notes | |
References | (MISC) https://github.com/kspalaiologos/bzip3/commit/bfa5bf82b53715dfedf048e5859a46cf248668ff - Patch | |
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Bzip3 Project
Bzip3 Project bzip3 |
|
CPE | cpe:2.3:a:bzip3_project:bzip3:*:*:*:*:*:*:*:* |
06 Apr 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-06 05:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-29416
Mitre link : CVE-2023-29416
CVE.ORG link : CVE-2023-29416
JSON object : View
Products Affected
bzip3_project
- bzip3
CWE
CWE-787
Out-of-bounds Write