Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
{ "ubuntu_priority": "low", "availability": "No subscription required", "binaries": [ { "binary_name": "bzip2", "binary_version": "1.0.6-8ubuntu0.1" }, { "binary_name": "bzip2-dbgsym", "binary_version": "1.0.6-8ubuntu0.1" }, { "binary_name": "bzip2-doc", "binary_version": "1.0.6-8ubuntu0.1" }, { "binary_name": "libbz2-1.0", "binary_version": "1.0.6-8ubuntu0.1" }, { "binary_name": "libbz2-1.0-dbgsym", "binary_version": "1.0.6-8ubuntu0.1" }, { "binary_name": "libbz2-dev", "binary_version": "1.0.6-8ubuntu0.1" } ] }
{ "ubuntu_priority": "low", "availability": "No subscription required", "binaries": [ { "binary_name": "bzip2", "binary_version": "1.0.6-8.1" }, { "binary_name": "bzip2-dbgsym", "binary_version": "1.0.6-8.1" }, { "binary_name": "bzip2-doc", "binary_version": "1.0.6-8.1" }, { "binary_name": "libbz2-1.0", "binary_version": "1.0.6-8.1" }, { "binary_name": "libbz2-1.0-dbgsym", "binary_version": "1.0.6-8.1" }, { "binary_name": "libbz2-dev", "binary_version": "1.0.6-8.1" } ] }