An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-22T00:00:00
Updated: 2023-09-18T08:58:12.470441
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-22916
JSON object: View
NVD Information
Status : Modified
Published: 2023-08-22T19:16:19.407
Modified: 2024-05-17T01:45:27.397
Link: CVE-2020-22916
JSON object: View
Redhat Information
No data.
CWE