An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-04-06T00:00:00
Updated: 2024-07-05T16:52:03.741Z
Reserved: 2023-04-06T00:00:00
Link: CVE-2023-29417
JSON object: View
NVD Information
Status : Modified
Published: 2023-04-06T05:15:07.500
Modified: 2024-05-17T02:22:22.830
Link: CVE-2023-29417
JSON object: View
Redhat Information
No data.
CWE