In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
References
Link | Resource |
---|---|
https://github.com/inikep/lizard/issues/18 | Exploit Vendor Advisory |
Configurations
Information
Published : 2018-09-13 07:29
Updated : 2018-11-27 12:55
NVD link : CVE-2018-16985
Mitre link : CVE-2018-16985
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
lizard_project
- lizard