diff options
| author | Philip Paeps <philip@FreeBSD.org> | 2022-04-07 03:05:55 +0000 |
|---|---|---|
| committer | Philip Paeps <philip@FreeBSD.org> | 2022-04-07 03:05:55 +0000 |
| commit | e19844010ae2ceb458722498e414ff5c1b37540d (patch) | |
| tree | 44b59ee4d39be9e461df8b9505874480c63e9039 | |
| parent | 7c477710b3032f882739815c477319fe7ca6c467 (diff) | |
| download | ports-e19844010ae2ceb458722498e414ff5c1b37540d.tar.gz ports-e19844010ae2ceb458722498e414ff5c1b37540d.zip | |
security/vuxml: add FreeBSD SA-22:08.zlib
| -rw-r--r-- | security/vuxml/vuln-2022.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 1938e3a16bee..ab1272fe3b9a 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,33 @@ + <vuln vid="38f2e3a0-b61e-11ec-9ebc-1c697aa5a594"> + <topic>FreeBSD -- zlib compression out-of-bounds write</topic> + <affects> + <package> + <name>FreeBSD</name> + <range><ge>13.0</ge><lt>13.0_11</lt></range> + <range><ge>12.3</ge><lt>12.3_5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description:</h1> + <p>Certain inputs can cause zlib's compression routine to overwrite an + internal buffer with compressed data. This issue may require the use + of uncommon or non-default compression parameters.</p> + <h1>Impact:</h1> + <p>The out-of-bounds write may result in memory corruption and an + application crash or kernel panic.</p> + </body> + </description> + <references> + <cvename>CVE-2018-25032</cvename> + <freebsdsa>SA-22:08.zlib</freebsdsa> + </references> + <dates> + <discovery>2022-04-06</discovery> + <entry>2022-04-07</entry> + </dates> + </vuln> + <vuln vid="d4cc994f-b61d-11ec-9ebc-1c697aa5a594"> <topic>FreeBSD -- 802.11 heap buffer overflow</topic> <affects> |