Lucene search
PRIOn knowledge basePRION:CVE-2021-3520HistoryJun 02, 2021 - 1:15 p.m.
Integer overflow
2021-06-0213:15:00
PRIOn knowledge base
www.prio-n.com
7
There’s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.
| CPE | Name | Operator | Version |
|---|---|---|---|
| lz4 | eq | 1.8.3 | |
| communications_cloud_native_core_policy | eq | 1.14.0 | |
| zfs_storage_appliance_kit | eq | 8.8 |
Related
nessus
nessus
openSUSE Security Update : lz4 (openSUSE-2021-760)
2021-05-25 00:00:00
Photon OS 3.0: Lz4 PHSA-2021-3.0-0255
2021-06-21 00:00:00
Photon OS 4.0: Lz4 PHSA-2021-4.0-0047
2021-06-21 00:00:00
suse
suse
Security update for lz4 (important)
2021-07-11 00:00:00
Security update for lz4 (important)
2021-05-22 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0255
2021-06-17 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0138
2023-11-08 00:00:00
Critical Photon OS Security Update - PHSA-2021-3.0-0255
2021-06-18 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for lz4 (EulerOS-SA-2021-2747)
2021-11-17 00:00:00
openSUSE: Security Advisory for lz4 (openSUSE-SU-2021:0760-1)
2021-05-24 00:00:00
Ubuntu: Security Advisory (USN-4968-2)
2022-08-26 00:00:00
debian
debian
[SECURITY] [DSA 4919-1] lz4 security update
2021-05-21 12:51:40
[SECURITY] [DLA 2657-1] lz4 security update
2021-05-12 10:23:19
[SECURITY] [DSA 4919-1] lz4 security update
2021-05-21 12:51:40
osv
osv
CVE-2021-3520
2021-06-02 13:15:13
lz4 - security update
2021-05-12 00:00:00
Memory corruption in liblz4
2022-08-25 12:00:00
gentoo
gentoo
LZ4: Memory Corruption
2024-06-22 00:00:00
redhat
redhat
(RHSA-2021:2575) Moderate: lz4 security update
2021-06-29 13:43:40
alpinelinux
alpinelinux
CVE-2021-3520
2021-06-02 13:15:13
cve
cve
CVE-2021-3520
2021-06-02 13:15:13
debiancve
debiancve
CVE-2021-3520
2021-06-02 13:15:13
github
github
lz4-sys vulnerable to memory corruption via issue in liblz4
2022-09-01 22:24:55
oraclelinux
oraclelinux
lz4 security update
2021-06-30 00:00:00
cloudfoundry
cloudfoundry
USN-4968-1: LZ4 vulnerability | Cloud Foundry
2021-06-11 00:00:00
rustsec
rustsec
Memory corruption in liblz4
2022-08-25 12:00:00
redhatcve
redhatcve
CVE-2021-3520
2021-04-28 11:48:45
archlinux
archlinux
[ASA-202105-27] lz4: denial of service
2021-05-25 00:00:00
rocky
rocky
lz4 security update
2021-06-29 13:43:40
mageia
mageia
Updated lz4 packages fix a security vulnerability
2021-06-08 17:33:02
ubuntucve
ubuntucve
CVE-2021-3520
2021-04-30 00:00:00
ubuntu
ubuntu
LZ4 vulnerability
2021-05-31 00:00:00
LZ4 vulnerability
2021-05-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-05-08 14:25:49
nvd
nvd
CVE-2021-3520
2021-06-02 13:15:13
cvelist
cvelist
CVE-2021-3520
2021-06-02 12:32:32
almalinux
almalinux
Moderate: lz4 security update
2021-06-29 13:43:40
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00