It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841)
It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9842)
It was discovered that zlib incorrectly handled vectors involving big-endian CRC calculation. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9843)
{ "availability": "No subscription required", "binaries": [ { "zlib1g-dbg": "1:1.2.8.dfsg-2ubuntu4.3", "lib64z1": "1:1.2.8.dfsg-2ubuntu4.3", "zlib1g-dev": "1:1.2.8.dfsg-2ubuntu4.3", "zlib1g-udeb-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "lib64z1-dev": "1:1.2.8.dfsg-2ubuntu4.3", "zlib1g": "1:1.2.8.dfsg-2ubuntu4.3", "lib32z1-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "libx32z1-dev": "1:1.2.8.dfsg-2ubuntu4.3", "libx32z1": "1:1.2.8.dfsg-2ubuntu4.3", "zlib1g-udeb": "1:1.2.8.dfsg-2ubuntu4.3", "lib64z1-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "zlib1g-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "libx32z1-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "lib32z1-dev": "1:1.2.8.dfsg-2ubuntu4.3", "lib64z1-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "lib32z1-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "libx32z1-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "zlib1g-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3", "lib32z1": "1:1.2.8.dfsg-2ubuntu4.3" } ] }