Headline

RHSA-2023:1095: Red Hat Security Advisory: zlib security update

An update for zlib is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2022-37434: A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader.

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #linux #red_hat #ibm #ssl

Synopsis

Moderate: zlib security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for zlib is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.

Security Fix(es):

zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field (CVE-2022-37434)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 2116639 - CVE-2022-37434 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

Red Hat Enterprise Linux Server 7

SRPM

zlib-1.2.7-21.el7_9.src.rpm

SHA-256: 4bef78e18f6271fb9bdb208b24bc8dc6c91f9358aec1ff41147074c5d7c83eae

x86_64

minizip-1.2.7-21.el7_9.i686.rpm

SHA-256: 6b378c5d3a36d6295f7162ad55959c666b410ffe7e7f03aaeafda2a051436f09

minizip-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 5cbfef0897af1617abfefd220cf6b100042eb56e0777b8691029bea579e0dd24

minizip-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: 462c2492e40cb7286a0c79f86f0523b881fae60a555a38c8c708eac96a6cf527

minizip-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1e0c52c30a2d1f1ad67d5d546edf0316946425d795072aa1b28dc8fbe17c457f

zlib-1.2.7-21.el7_9.i686.rpm

SHA-256: 34f6a4429dc03c988c983196e2cc7fe22af7b82f65e04a2f24df649a51bd7470

zlib-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 52d976313bad20c13c4457feef27952da92ee9e21d60d2b9a963d212422b9db5

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: da788f9bd9ac92dbd09566858b6337039681a29c11f5b5f779e15d4b232f37e7

zlib-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1ef8c1a3e9d9a7b0df89e295e991c93f4f869dd94114a6dd7b24313eeb8dcd95

zlib-static-1.2.7-21.el7_9.i686.rpm

SHA-256: 06d39fedf45e2e532e30385016452b896e2e2d677208ae9f59df60a7116657bc

zlib-static-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 0c0cb6392971a1667dcf631201d14841e2e7c9ab03403a9d3a537eb319cff18f

Red Hat Enterprise Linux Workstation 7

SRPM

zlib-1.2.7-21.el7_9.src.rpm

SHA-256: 4bef78e18f6271fb9bdb208b24bc8dc6c91f9358aec1ff41147074c5d7c83eae

x86_64

minizip-1.2.7-21.el7_9.i686.rpm

SHA-256: 6b378c5d3a36d6295f7162ad55959c666b410ffe7e7f03aaeafda2a051436f09

minizip-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 5cbfef0897af1617abfefd220cf6b100042eb56e0777b8691029bea579e0dd24

minizip-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: 462c2492e40cb7286a0c79f86f0523b881fae60a555a38c8c708eac96a6cf527

minizip-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1e0c52c30a2d1f1ad67d5d546edf0316946425d795072aa1b28dc8fbe17c457f

zlib-1.2.7-21.el7_9.i686.rpm

SHA-256: 34f6a4429dc03c988c983196e2cc7fe22af7b82f65e04a2f24df649a51bd7470

zlib-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 52d976313bad20c13c4457feef27952da92ee9e21d60d2b9a963d212422b9db5

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: da788f9bd9ac92dbd09566858b6337039681a29c11f5b5f779e15d4b232f37e7

zlib-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1ef8c1a3e9d9a7b0df89e295e991c93f4f869dd94114a6dd7b24313eeb8dcd95

zlib-static-1.2.7-21.el7_9.i686.rpm

SHA-256: 06d39fedf45e2e532e30385016452b896e2e2d677208ae9f59df60a7116657bc

zlib-static-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 0c0cb6392971a1667dcf631201d14841e2e7c9ab03403a9d3a537eb319cff18f

Red Hat Enterprise Linux Desktop 7

SRPM

zlib-1.2.7-21.el7_9.src.rpm

SHA-256: 4bef78e18f6271fb9bdb208b24bc8dc6c91f9358aec1ff41147074c5d7c83eae

x86_64

minizip-1.2.7-21.el7_9.i686.rpm

SHA-256: 6b378c5d3a36d6295f7162ad55959c666b410ffe7e7f03aaeafda2a051436f09

minizip-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 5cbfef0897af1617abfefd220cf6b100042eb56e0777b8691029bea579e0dd24

minizip-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: 462c2492e40cb7286a0c79f86f0523b881fae60a555a38c8c708eac96a6cf527

minizip-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1e0c52c30a2d1f1ad67d5d546edf0316946425d795072aa1b28dc8fbe17c457f

zlib-1.2.7-21.el7_9.i686.rpm

SHA-256: 34f6a4429dc03c988c983196e2cc7fe22af7b82f65e04a2f24df649a51bd7470

zlib-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 52d976313bad20c13c4457feef27952da92ee9e21d60d2b9a963d212422b9db5

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: da788f9bd9ac92dbd09566858b6337039681a29c11f5b5f779e15d4b232f37e7

zlib-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1ef8c1a3e9d9a7b0df89e295e991c93f4f869dd94114a6dd7b24313eeb8dcd95

zlib-static-1.2.7-21.el7_9.i686.rpm

SHA-256: 06d39fedf45e2e532e30385016452b896e2e2d677208ae9f59df60a7116657bc

zlib-static-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 0c0cb6392971a1667dcf631201d14841e2e7c9ab03403a9d3a537eb319cff18f

Red Hat Enterprise Linux for IBM z Systems 7

SRPM

zlib-1.2.7-21.el7_9.src.rpm

SHA-256: 4bef78e18f6271fb9bdb208b24bc8dc6c91f9358aec1ff41147074c5d7c83eae

s390x

minizip-1.2.7-21.el7_9.s390.rpm

SHA-256: c7856d1599c773c9733c44624d54b5f1872f9f31c89e5b244db653db3d3e39c1

minizip-1.2.7-21.el7_9.s390x.rpm

SHA-256: 151d5afacd3b73654e58d374e3817675dcf18173da2d878e2202c4fc2017eb19

minizip-devel-1.2.7-21.el7_9.s390.rpm

SHA-256: e229b26c499b39da90667400d358489fd990c3588004e5f1344665239f2f5bac

minizip-devel-1.2.7-21.el7_9.s390x.rpm

SHA-256: ce8f40db66dbfc2820d39cbc8a479facacc738197d94b82349a4e65008d28cad

zlib-1.2.7-21.el7_9.s390.rpm

SHA-256: 45936a81f32dfb829f2bcbe6d6cdab46701c26c3758ae6f5eab3ad3f31a91902

zlib-1.2.7-21.el7_9.s390x.rpm

SHA-256: 2e3bd74e34dda44002a96049f0e022a91417b6600d90b7059fdf7519c405b6d6

zlib-debuginfo-1.2.7-21.el7_9.s390.rpm

SHA-256: 4c86dae2ecd08f5eac864a198e2b3383d79a0742d7681f2d487064a8aa37aed2

zlib-debuginfo-1.2.7-21.el7_9.s390.rpm

SHA-256: 4c86dae2ecd08f5eac864a198e2b3383d79a0742d7681f2d487064a8aa37aed2

zlib-debuginfo-1.2.7-21.el7_9.s390x.rpm

SHA-256: 2904c95ad876314afdd2013214b71de4d871d8389cc94ea3aad9462775b354e6

zlib-debuginfo-1.2.7-21.el7_9.s390x.rpm

SHA-256: 2904c95ad876314afdd2013214b71de4d871d8389cc94ea3aad9462775b354e6

zlib-devel-1.2.7-21.el7_9.s390.rpm

SHA-256: 54bd950e110de338c308d893a773b22a5f0e0f9ee4e45c260c44f42d8f48a892

zlib-devel-1.2.7-21.el7_9.s390x.rpm

SHA-256: b6b61aad5f231e1d57508a91a425b44570b5642bd1e353519b43eb61afe8a9e9

zlib-static-1.2.7-21.el7_9.s390.rpm

SHA-256: 54b337bf7ca8fe3cb2a253bc6bb3847eb8e8a1280a1e1d1e17d687e5313ff541

zlib-static-1.2.7-21.el7_9.s390x.rpm

SHA-256: d7f6355d1b422e5ca19d381cd4903000491ad057615df08d15b68e80a65b0834

Red Hat Enterprise Linux for Power, big endian 7

SRPM

zlib-1.2.7-21.el7_9.src.rpm

SHA-256: 4bef78e18f6271fb9bdb208b24bc8dc6c91f9358aec1ff41147074c5d7c83eae

ppc64

minizip-1.2.7-21.el7_9.ppc.rpm

SHA-256: 0f70e44d0456d962ee328adff958de77b864e2deb67efbc867e15344fc85b495

minizip-1.2.7-21.el7_9.ppc64.rpm

SHA-256: 4c59b26b10002987369d99e264f160e76d6acc94205f02e11912d0bb020b24e7

minizip-devel-1.2.7-21.el7_9.ppc.rpm

SHA-256: f91d1be1a9fab129e6c53878b4687f1f7aa8fccb281558e393edf0e614f868d3

minizip-devel-1.2.7-21.el7_9.ppc64.rpm

SHA-256: ae07d5bc77a4d79dd5b78713545a923c862523845c5f0261bc8ccbb22c1508f0

zlib-1.2.7-21.el7_9.ppc.rpm

SHA-256: 616e809b36afe456d61e41b5dd177dfc4f1f9c119379812b55f84892d1546eee

zlib-1.2.7-21.el7_9.ppc64.rpm

SHA-256: 53b671481550cd238cde7806b2559b999725d688277f478b5cebed6a87f0a6d8

zlib-debuginfo-1.2.7-21.el7_9.ppc.rpm

SHA-256: 835e547309e8416d003a45f9f11371bd098f2de74efea396ebb3ac988192b7f4

zlib-debuginfo-1.2.7-21.el7_9.ppc.rpm

SHA-256: 835e547309e8416d003a45f9f11371bd098f2de74efea396ebb3ac988192b7f4

zlib-debuginfo-1.2.7-21.el7_9.ppc64.rpm

SHA-256: 06c3736d6948d078f60ae4564d8b21d0756cfc78910a496ffe9be6293267f680

zlib-debuginfo-1.2.7-21.el7_9.ppc64.rpm

SHA-256: 06c3736d6948d078f60ae4564d8b21d0756cfc78910a496ffe9be6293267f680

zlib-devel-1.2.7-21.el7_9.ppc.rpm

SHA-256: 37695d116c6d1f10069b46b40a8d637e71a645b5866ae6e3b26751442b213722

zlib-devel-1.2.7-21.el7_9.ppc64.rpm

SHA-256: 7389eb5bd1b7f749012ca386ef0095208a7f3bf5de9df38516bdb9f93965362d

zlib-static-1.2.7-21.el7_9.ppc.rpm

SHA-256: 46204031bb30147ca344c8ee00c4e7c69c57b53f356f9dbe605a7d6bab4aa7df

zlib-static-1.2.7-21.el7_9.ppc64.rpm

SHA-256: 5c7882d908959b2a03ca27ab03c8c9af82442430b68b9f2d8e82bc1b2250e54f

Red Hat Enterprise Linux for Scientific Computing 7

SRPM

zlib-1.2.7-21.el7_9.src.rpm

SHA-256: 4bef78e18f6271fb9bdb208b24bc8dc6c91f9358aec1ff41147074c5d7c83eae

x86_64

minizip-1.2.7-21.el7_9.i686.rpm

SHA-256: 6b378c5d3a36d6295f7162ad55959c666b410ffe7e7f03aaeafda2a051436f09

minizip-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 5cbfef0897af1617abfefd220cf6b100042eb56e0777b8691029bea579e0dd24

minizip-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: 462c2492e40cb7286a0c79f86f0523b881fae60a555a38c8c708eac96a6cf527

minizip-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1e0c52c30a2d1f1ad67d5d546edf0316946425d795072aa1b28dc8fbe17c457f

zlib-1.2.7-21.el7_9.i686.rpm

SHA-256: 34f6a4429dc03c988c983196e2cc7fe22af7b82f65e04a2f24df649a51bd7470

zlib-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 52d976313bad20c13c4457feef27952da92ee9e21d60d2b9a963d212422b9db5

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.i686.rpm

SHA-256: 919e27d5f5d48213530779becddbc9c7fbbe8457fd3df79063a57dc1e43a53ff

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 8fe740f2783c7ab8aff5298c6286f88c03703738ea242d7529ac6ef079d26b2f

zlib-devel-1.2.7-21.el7_9.i686.rpm

SHA-256: da788f9bd9ac92dbd09566858b6337039681a29c11f5b5f779e15d4b232f37e7

zlib-devel-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 1ef8c1a3e9d9a7b0df89e295e991c93f4f869dd94114a6dd7b24313eeb8dcd95

zlib-static-1.2.7-21.el7_9.i686.rpm

SHA-256: 06d39fedf45e2e532e30385016452b896e2e2d677208ae9f59df60a7116657bc

zlib-static-1.2.7-21.el7_9.x86_64.rpm

SHA-256: 0c0cb6392971a1667dcf631201d14841e2e7c9ab03403a9d3a537eb319cff18f

Red Hat Enterprise Linux for Power, little endian 7

SRPM

zlib-1.2.7-21.el7_9.src.rpm

SHA-256: 4bef78e18f6271fb9bdb208b24bc8dc6c91f9358aec1ff41147074c5d7c83eae

ppc64le

minizip-1.2.7-21.el7_9.ppc64le.rpm

SHA-256: 7aa218518392e020a853f1e0d3706615a51b516fb8b5a671d7b601bc587a5d89

minizip-devel-1.2.7-21.el7_9.ppc64le.rpm

SHA-256: d0936c4555338b20ff496a9f3201cc85b3224217aa9dc8e5663a8a011e10b385

zlib-1.2.7-21.el7_9.ppc64le.rpm

SHA-256: 70dde60acfde431025d9243e0d440a58e92b6c47c950df6aa562da781eee59b1

zlib-debuginfo-1.2.7-21.el7_9.ppc64le.rpm

SHA-256: da484cbfca3ea1a35fe1f6d731d8eb59d35ec558565adb30ab225851ea34dc2f

zlib-debuginfo-1.2.7-21.el7_9.ppc64le.rpm

SHA-256: da484cbfca3ea1a35fe1f6d731d8eb59d35ec558565adb30ab225851ea34dc2f

zlib-devel-1.2.7-21.el7_9.ppc64le.rpm

SHA-256: 9afcde7b2c051920028e836e1379eedad4c4176cf601339d46c59179d6a7f7e5

zlib-static-1.2.7-21.el7_9.ppc64le.rpm

SHA-256: e2a39411ad021a02b114bdcfa4a6ef4f47e8bb2b548404835c2112e7e9e61f51

IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.

1 year ago

CVE

Open in Source

#vulnerability #linux #dos #intel #buffer_overflow #auth #ibm #ssl

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

1 year ago

Red Hat Security Data

Open in Source

#sql #vulnerability #web #mac #google #microsoft #linux #red_hat #dos #nodejs #js #git #kubernetes #perl #aws #auth #ibm #postgres #sap #ssl

Red Hat Security Advisory 2022-8291-01

Red Hat Security Advisory 2022-8291-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat

RHSA-2022:8291: Red Hat Security Advisory: rsync security and bug fix update

An update for rsync is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-37434: zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #ibm

Red Hat Security Advisory 2022-7793-01

Red Hat Security Advisory 2022-7793-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

2 years ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #ssh #ssl

RHSA-2022:7314: Red Hat Security Advisory: zlib security update

An update for zlib is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-37434: zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #linux #red_hat #buffer_overflow #ibm #sap #ssl

CVE-2022-32929: About the security content of iOS 15.7.1 and iPadOS 15.7.1

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 15.7 and iPadOS 15.7, iOS 16.1 and iPadOS 16. An app may be able to access iOS backups.

2 years ago

CVE

Open in Source

#web #ios #apple #google #dos #buffer_overflow #zero_day #webkit #wifi

Gentoo Linux Security Advisory 202210-42

Gentoo Linux Security Advisory 202210-42 - A buffer overflow in zlib might allow an attacker to cause remote code execution. Versions less than 1.2.12-r3 are affected.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #mac #linux #rce #buffer_overflow

RHSA-2022:7106: Red Hat Security Advisory: zlib security update

An update for zlib is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-37434: zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

2 years ago

Red Hat Security Data

Open in Source

#vulnerability #linux #red_hat #buffer_overflow #ibm #sap #ssl

CVE-2022-36368: IPFire 2.27 - Core Update 170 released - The IPFire Blog

Multiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script.

2 years ago

CVE

Open in Source

#sql #xss #vulnerability #web #amazon #linux #git #intel #perl #samba #amd #auth #ssl

Ubuntu Security Notice USN-5570-2

Ubuntu Security Notice 5570-2 - USN-5570-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code.

2 years ago

Packet Storm

Open in Source

#vulnerability #ubuntu #dos #ssl

CVE-2022-37434: node/inflate.c at 75b68c6e4db515f76df73af476eccf382bbcb00a · nodejs/node

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

2 years ago

CVE

Open in Source

#mac #nodejs #js #java #intel #buffer_overflow