An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-22T00:00:00
Updated: 2024-08-04T14:51:10.789Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-22916
Vulnrichment
Updated: 2024-08-04T14:51:10.789Z
NVD
Status : Modified
Published: 2023-08-22T19:16:19.407
Modified: 2024-08-04T15:15:49.027
Link: CVE-2020-22916
Redhat
No data.