Description
bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of service).

This issue was fixed in bzip2 patch 35d122a3df8b0cc4082a4d89fdc6ee99f375fe67
Published: 2026-05-28
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An off‑by‑one error in the bzip2recover utility allows a specially crafted file to trigger an out‑of‑bounds write to a global buffer, corrupting memory and causing the program to crash. This results in a denial of service. The weakness is a classic buffer overflow, classified as CWE‑787.

Affected Systems

Any installation of bzip2 that includes the bzip2recover utility may be vulnerable; the CVE does not specify which exact versions are affected, only that the flaw was fixed by patch 35d122a3df8b0cc4082a4d89fdc6ee99f375fe67.

Risk and Exploitability

The CVSS score of 5.1 reflects a moderate severity because the flaw only produces a crash, not arbitrary code execution. No EPSS data is available, so the current exploitation likelihood cannot be quantified. The vulnerability is not listed in the CISA KEV catalog. The attack vector is local: an attacker must be able to execute bzip2recover against a crafted file on the affected system; remote exploitation would require additional compromise beyond this flaw.

Generated by OpenCVE AI on May 28, 2026 at 20:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade bzip2 to a release that includes patch 35d122a3df8b0cc4082a4d89fdc6ee99f375fe67.
  • If an upgrade cannot be performed immediately, avoid invoking bzip2recover with archives from untrusted sources or replace the tool with a safer alternative that performs safer input validation.
  • After updating or restricting usage, monitor system logs for crash events associated with bzip2recover to confirm the issue is resolved.

Generated by OpenCVE AI on May 28, 2026 at 20:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 30 May 2026 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Bzip
Bzip bzip2
Vendors & Products Bzip
Bzip bzip2

Thu, 28 May 2026 18:00:00 +0000

Type Values Removed Values Added
Description bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of service). This issue was fixed in bzip2 version 1.0.9 bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of service). This issue was fixed in bzip2 patch 35d122a3df8b0cc4082a4d89fdc6ee99f375fe67
References

Thu, 28 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 28 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of service). This issue was fixed in bzip2 version 1.0.9
Title Off-by-One Leading to Out-of-Bounds Write in bzip2
Weaknesses CWE-787
References
Metrics cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Bzip Bzip2
cve-icon MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published:

Updated: 2026-05-28T17:01:57.259Z

Reserved: 2026-04-25T11:31:56.229Z

Link: CVE-2026-42250

cve-icon Vulnrichment

Updated: 2026-05-28T14:22:56.254Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-28T14:16:19.890

Modified: 2026-05-28T18:16:32.577

Link: CVE-2026-42250

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-30T21:00:12Z

Weaknesses