vulnerability
Alpine Linux: CVE-2023-6992: Out-of-bounds Write
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:L/AC:M/Au:N/C:N/I:P/A:P) | Jan 4, 2024 | Mar 21, 2024 | Oct 14, 2024 |
Severity
3
CVSS
(AV:L/AC:M/Au:N/C:N/I:P/A:P)
Published
Jan 4, 2024
Added
Mar 21, 2024
Modified
Oct 14, 2024
Description
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow.
A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software.
Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.
A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software.
Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.
Solution
alpine-linux-upgrade-zlib
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.