CVE Vulnerabilities

CVE-2023-29415

Published: Apr 06, 2023 | Modified: Nov 07, 2023
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial of service (process hang) can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.

Affected Software

Name Vendor Start Version End Version
Bzip3 Bzip3_project * 1.3.0 (excluding)
Bzip3 Ubuntu esm-apps/noble *
Bzip3 Ubuntu lunar *
Bzip3 Ubuntu mantic *
Bzip3 Ubuntu noble *
Bzip3 Ubuntu upstream *

References