In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/inikep/lizard/issues/18 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-09-13T14:00:00
Updated: 2024-08-05T10:39:59.059Z
Reserved: 2018-09-13T00:00:00
Link: CVE-2018-16985
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-09-13T14:29:00.327
Modified: 2018-11-27T20:55:38.823
Link: CVE-2018-16985
Redhat
No data.