Ubuntu CVE Tracker
Home
Main
Universe
Partner
CVE-2020-25467
Priority
Low
Description
A null pointer dereference was discovered lzo_decompress_buf in stream.c in
Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via
a crafted compressed file.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25467
https://bugs.launchpad.net/ubuntu/+source/lrzip/+bug/1893641
https://github.com/ckolivas/lrzip/issues/163
Notes
Package
Source:
lrzip
(
LP
Ubuntu
Debian
)
Upstream:
needs-triage
Ubuntu 18.04 LTS
:
needs-triage
Ubuntu 20.04 LTS
:
needs-triage
Ubuntu 21.10
:
needs-triage
Ubuntu 22.04 LTS
:
needs-triage
Ubuntu 14.04 ESM:
DNE
Patches:
More Information
Mitre
NVD
Launchpad
Debian
Updated
: 2022-04-25 00:48:27 UTC (commit
ecc1009cb19540b950de59270950018900f37f15
)