An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid.
References
Configurations
History
07 Nov 2023, 04:11
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid. | |
References |
|
|
15 Apr 2023, 04:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Apr 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Apr 2023, 17:16
Type | Values Removed | Values Added |
---|---|---|
First Time |
Bzip3 Project
Bzip3 Project bzip3 |
|
CPE | cpe:2.3:a:bzip3_project:bzip3:1.2.2:*:*:*:*:*:*:* | |
CWE | CWE-125 | |
References | (MISC) https://github.com/kspalaiologos/bzip3/issues/97 - Exploit, Issue Tracking, Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
06 Apr 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-06 05:15
Updated : 2024-04-11 01:19
NVD link : CVE-2023-29417
Mitre link : CVE-2023-29417
CVE.ORG link : CVE-2023-29417
JSON object : View
Products Affected
bzip3_project
- bzip3
CWE
CWE-125
Out-of-bounds Read