Vulnerability CVE-2022-37434: Information
Description
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
MySQL | sisyphus | 8.0.33-alt1 | 8.0.36-alt1 | ALT-PU-2023-7320-2 | 334618 | Fixed |
MySQL | sisyphus_e2k | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7453-1 | - | Fixed |
MySQL | p10 | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7463-2 | 334633 | Fixed |
MySQL | p10_e2k | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7717-1 | - | Fixed |
MySQL | c10f1 | 8.0.35-alt1.1 | 8.0.36-alt1 | ALT-PU-2023-7888-3 | 335803 | Fixed |
MySQL | c9f2 | 8.0.35-alt1.0.c9.1 | 8.0.36-alt0.c9.1 | ALT-PU-2023-7647-3 | 335317 | Fixed |
rsync | sisyphus | 3.2.5-alt0.2 | 3.2.7-alt1 | ALT-PU-2022-2365-1 | 304987 | Fixed |
rsync | sisyphus_e2k | 3.2.5-alt1 | 3.2.7-alt1 | ALT-PU-2022-5922-1 | - | Fixed |
rsync | sisyphus_riscv64 | 3.2.5-alt0.2 | 3.2.7-alt1 | ALT-PU-2022-5715-1 | - | Fixed |
rsync | p10 | 3.2.5-alt0.2 | 3.2.7-alt1 | ALT-PU-2022-2434-1 | 305085 | Fixed |
rsync | p10_e2k | 3.2.5-alt0.2 | 3.2.7-alt1 | ALT-PU-2022-5779-1 | - | Fixed |
rsync | c10f1 | 3.2.5-alt0.2 | 3.2.7-alt1 | ALT-PU-2022-2434-1 | 305085 | Fixed |
rsync | c9f2 | 3.2.5-alt1 | 3.2.5-alt1 | ALT-PU-2022-2506-1 | 305659 | Fixed |
zlib | sisyphus | 1.2.12-alt3 | 1.3.1-alt1 | ALT-PU-2022-2364-1 | 304986 | Fixed |
zlib | sisyphus_e2k | 1.2.12-alt3 | 1.3.1-alt1 | ALT-PU-2022-5921-1 | - | Fixed |
zlib | sisyphus_riscv64 | 1.2.12-alt3 | 1.3.1-alt1 | ALT-PU-2022-5714-1 | - | Fixed |
zlib | p10 | 1.2.12-alt3 | 1.2.13-alt1 | ALT-PU-2022-2477-1 | 305356 | Fixed |
zlib | p10_e2k | 1.2.12-alt3 | 1.2.13-alt1 | ALT-PU-2022-5873-1 | - | Fixed |
zlib | c10f1 | 1.2.12-alt3 | 1.2.13-alt1 | ALT-PU-2022-2477-1 | 305356 | Fixed |
zlib | c9f2 | 1.2.13-alt1 | 1.2.13-alt1 | ALT-PU-2022-3232-1 | 309771 | Fixed |