Back to bug 1954559
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Dhananjay Arunesh | 2021-04-28 11:37:59 UTC | Depends On | 1954560 | |
| Tomas Hoger | 2021-04-28 12:19:45 UTC | Blocks | 1935389 | |
| Summary | CVE-2021-3520 lz4:memory corruption due to an integer overflow bug caused by memmove argument | CVE-2021-3520 lz4: memory corruption due to an integer overflow bug caused by memmove argument | ||
| Todd Cullum | 2021-05-04 21:51:00 UTC | Depends On | 1957037, 1957036, 1957038 | |
| Todd Cullum | 2021-05-04 22:03:27 UTC | Doc Text | There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well. | |
| Jonathan Christison | 2021-05-10 15:31:35 UTC | CC | jross, swoodman | |
| Jonathan Christison | 2021-06-22 16:09:36 UTC | CC | kaycoth, vmugicag | |
| Depends On | 1959429, 1959427, 1959442, 1959428, 1959441, 1959440, 1959433, 1959430, 1959438, 1959431, 1959432, 1959439, 1959435, 1959434, 1959437 | |||
| CC | jnethert | |||
| errata-xmlrpc | 2021-06-29 16:31:01 UTC | Link ID | Red Hat Product Errata RHSA-2021:2575 | |
| Product Security DevOps Team | 2021-06-29 16:41:14 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2021-06-29 16:41:14 UTC | |||
| errata-xmlrpc | 2022-04-13 11:27:06 UTC | Link ID | Red Hat Product Errata RHSA-2022:1345 | |
| Patrick Del Bello | 2022-05-16 21:22:29 UTC | CC | avibelli, bgeorges, clement.escoffier, dandread, dkreling, gsmet, hamadhan, krathod, lthon, mszynkie, peholase, pgallagh, pjindal, probinso, rruss, rsvoboda, sbiarozk, sdouglas | |
| errata-xmlrpc | 2022-07-19 13:40:25 UTC | Link ID | Red Hat Product Errata RHSA-2022:5606 | |
| errata-xmlrpc | 2022-09-09 07:12:39 UTC | Link ID | Red Hat Product Errata RHSA-2022:6407 | |
| Yann Collet | 2022-10-19 08:12:45 UTC | CC | yann.collet.73 | |
| Borja Tarraso | 2023-03-01 10:48:33 UTC | CC | khalaniaspyn2 | |
| Fixed In Version | lz4 1.9.4 | |||
| sonnylee | 2023-05-16 08:04:14 UTC | CC | sonnychiba688 | |
| paulahong | 2023-05-17 01:29:48 UTC | CC | tandonnichelle1736fx | |
| SaintOtis12 | 2023-06-27 06:35:27 UTC | CC | SaintOtis12 | |
| Patrik Hagara | 2023-06-27 08:28:20 UTC | Comment 19 Tag | spam | |
| Patrik Hagara | 2023-06-27 08:28:30 UTC | Comment 20 Tag | spam | |
| Patrik Hagara | 2023-06-27 08:28:45 UTC | Comment 21 Tag | spam | |
| Patrik Hagara | 2023-06-27 08:28:49 UTC | Comment 22 Tag | spam | |
| Red Hat Bugzilla | 2023-06-27 22:51:43 UTC | CC | khalaniaspyn2 | |
| Red Hat Bugzilla | 2023-06-27 22:54:30 UTC | CC | sonnychiba688 | |
| Red Hat Bugzilla | 2023-06-27 22:54:46 UTC | CC | tandonnichelle1736fx | |
| Red Hat Bugzilla | 2023-06-27 22:55:01 UTC | CC | SaintOtis12 | |
| larryellison | 2023-08-07 07:01:04 UTC | CC | larryellison2111 | |
| Jonathan Wakely | 2023-08-10 15:41:29 UTC | Comment 23 Tag | spam | |
| Jonathan Wakely | 2023-08-10 15:41:41 UTC | CC | jwakely |
Back to bug 1954559