Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is read from the compressed data. The offset is later used in the length of a copy operation, without checking the lower bounds of the source of the copy operation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: JFROG
Published: 2022-03-14T00:00:00
Updated: 2024-08-04T03:30:38.323Z
Reserved: 2021-10-14T00:00:00
Link: CVE-2021-42388
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-03-14T23:15:07.970
Modified: 2024-11-21T06:27:43.050
Link: CVE-2021-42388
Redhat
No data.