Updated: 2024-11-24 05:46:18.095891
Description:
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | HIGH | 7.5 |
CVSS Version 3.x | CRITICAL | 9.8 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
CentOS 8.4 ELS | bzip2 | 1.0.6 | 9.8 | CRITICAL | Released | CLSA-2024:1731340993 | 2024-11-11 11:52:33 | |
CentOS 8.4 ELS | python2 | 2.7.18 | 9.8 | CRITICAL | Not Vulnerable | 2024-11-11 11:52:33 | ||
CentOS 8.4 ELS | python3 | 3.6.8 | 9.8 | CRITICAL | Not Vulnerable | 2024-11-11 11:52:33 | ||
CentOS 8.5 ELS | python3 | 3.6.8 | 9.8 | CRITICAL | Not Vulnerable | 2024-11-11 11:52:33 | ||
CentOS 8.5 ELS | bzip2 | 1.0.6 | 9.8 | CRITICAL | Released | CLSA-2024:1731341386 | 2024-11-11 11:52:34 | |
CentOS 8.5 ELS | python2 | 2.7.18 | 9.8 | CRITICAL | Not Vulnerable | 2024-11-11 11:52:33 | ||
CentOS Stream 8 ELS | python2 | 2.7.18 | 9.8 | CRITICAL | Not Vulnerable | 2024-11-11 11:52:33 | ||
CentOS Stream 8 ELS | bzip2 | 1.0.6 | 9.8 | CRITICAL | Released | CLSA-2024:1731337736 | 2024-11-11 11:52:35 |