
CVE-2022-37434

Status Candidate

Overview

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

Related Files

Ubuntu Security Notice USN-6736-2
Posted May 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6736-2 - USN-6736-1 fixed vulnerabilities in klibc. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2018-25032, CVE-2022-37434
SHA-256 | e52b87abb1cbef1ab680534a984ee5229ded4d8db86d8012fd602d5815e51c14
Ubuntu Security Notice USN-6736-1
Posted Apr 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6736-1 - It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2018-25032, CVE-2022-37434
SHA-256 | f890a9231f096daf4ea198b52f282501ce5325cda3d58612406a839f4db116f8
Red Hat Security Advisory 2024-0254-03
Posted Jan 16, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0254-03 - An update for rsync is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | 7a24cbb4322b6221eaddcf1077f0869f9fcf4a232d146de8a289931c145d8858
Red Hat Security Advisory 2023-1095-01
Posted Mar 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1095-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | adc250f0615cd75a6c70333c14bb359ef4003b176b22315d1c4d2e663cd88127
Red Hat Security Advisory 2022-8634-01
Posted Nov 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8634-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-2509, CVE-2022-27191, CVE-2022-27664, CVE-2022-30632, CVE-2022-30635, CVE-2022-32190, CVE-2022-34903, CVE-2022-3515, CVE-2022-37434, CVE-2022-40674
SHA-256 | b40d2005f66e612c1aaffbf22521c13291a21987948b24580c002a869de0af41
Red Hat Security Advisory 2022-8291-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8291-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | fc436e498a53e5c49e1c1a8b09212891e27db5be700b48345aa6a7709f911fa7
Red Hat Security Advisory 2022-7793-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7793-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | b3cccfc043a84c0ed1dad7efae979007d38565cce0c961041fb4b79b20026ba2
Red Hat Security Advisory 2022-7407-01
Posted Nov 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7407-01 - Service Binding Operator 1.3.1 is now available for OpenShift Developer Tools and Services for OCP 4.9+.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-2509, CVE-2022-32149, CVE-2022-3515, CVE-2022-37434
SHA-256 | 012e227d425066acf1cddd9d946b3a26f80b7130b2626aa0f33187b388d2dd22
Red Hat Security Advisory 2022-7314-01
Posted Nov 3, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7314-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Issues addressed include buffer over-read and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | ec588ba3bdfdec071d1dc0ecf279176e4d01e8981b746c75fb6cdd744b189d8c
Gentoo Linux Security Advisory 202210-42
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-42 - A buffer overflow in zlib might allow an attacker to cause remote code execution. Versions less than 1.2.12-r3 are affected.

tags | advisory, remote, overflow, code execution
systems | linux, gentoo
advisories | CVE-2018-25032, CVE-2022-37434
SHA-256 | c46b3f01897b3c08e7d9420246ac8f8a67021ea56c97c1d6e882c833059e27c5
Apple Security Advisory 2022-10-27-12
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-12 - watchOS 9.1 addresses code execution, out of bounds write, and spoofing vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-32923, CVE-2022-32924, CVE-2022-32926, CVE-2022-32932, CVE-2022-32940, CVE-2022-32944, CVE-2022-32947, CVE-2022-37434, CVE-2022-42798, CVE-2022-42799, CVE-2022-42800, CVE-2022-42801, CVE-2022-42803, CVE-2022-42808
SHA-256 | 8e4f8e41c6c08442c3414a6d6392bded1a9151dda4734d8e9da1a5270584f100
Apple Security Advisory 2022-10-27-8
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-8 - macOS Big Sur 11.7.1 addresses buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-28739, CVE-2022-32862, CVE-2022-32941, CVE-2022-32944, CVE-2022-37434, CVE-2022-42798, CVE-2022-42800, CVE-2022-42825
SHA-256 | 255cd9c48b3f51ada10814f39a583509a9a69b064e1c599953ddee511d2f8706
Apple Security Advisory 2022-10-27-6
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-6 - macOS Monterey 12.6.1 addresses buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-28739, CVE-2022-32862, CVE-2022-32941, CVE-2022-32944, CVE-2022-37434, CVE-2022-42798, CVE-2022-42800, CVE-2022-42801, CVE-2022-42803, CVE-2022-42825
SHA-256 | 979ae6bc389d83a98a7e660aa0a94786baa11ee88d138b4866b0a5dfebac283d
Apple Security Advisory 2022-10-27-1
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-1 - iOS 15.7.1 and iPadOS 15.7.1 address buffer overflow, code execution, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple, ios
advisories | CVE-2022-32923, CVE-2022-32926, CVE-2022-32927, CVE-2022-32929, CVE-2022-32932, CVE-2022-32935, CVE-2022-32939, CVE-2022-32941, CVE-2022-32944, CVE-2022-32949, CVE-2022-37434, CVE-2022-42798, CVE-2022-42800, CVE-2022-42801
SHA-256 | 5f79f9b1f390df8f73a589b60c59a30fa9350ede8b0511ed0a429df4bf8f297c
Red Hat Security Advisory 2022-7106-01
Posted Oct 26, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7106-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Issues addressed include buffer over-read and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-37434
SHA-256 | 7492c4671f3a3734957835d6b7c25c6987d2fd0b99ee716d06325e227c1f2d1c
Ubuntu Security Notice USN-5570-2
Posted Oct 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5570-2 - USN-5570-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-37434
SHA-256 | 3de69d8102e0b70101ea4fa4658f1660f2194eb9389ac87bb41201e2e9a74e58
Debian Security Advisory 5218-1
Posted Aug 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5218-1 - Evgeny Legerov reported a heap-based buffer overflow vulnerability in the inflate operation in zlib, which could result in denial of service or potentially the execution of arbitrary code if specially crafted input is processed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2022-37434
SHA-256 | 0fc066864d16ce0251018353cfdd624268ef31417fe92f51838e0db88c6c6e60
Ubuntu Security Notice USN-5573-1
Posted Aug 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5573-1 - Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-37434
SHA-256 | b03b3ce0318bd868ddf50738bb537df9b23ce61c7a7b4046dd322b4c08706183
Ubuntu Security Notice USN-5570-1
Posted Aug 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5570-1 - Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-37434
SHA-256 | 633b92af147a1739d4a4962c2ea0be171beb06a16ace9652f8d22cbc627f27e6

© 2022 Packet Storm. All rights reserved.
