USN-5570-1

See a problem?

Source

https://ubuntu.com/security/notices/USN-5570-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5570-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5570-1

Related

Published

2022-08-17T22:44:40.342294Z

Modified

2022-08-17T22:44:40.342294Z

Summary

zlib vulnerability

Details

Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code.

References

Affected packages

Ubuntu:Pro:14.04:LTS / zlib

Package

Name: zlib
Purl: pkg:deb/ubuntu/zlib@1:1.2.8.dfsg-1ubuntu1.1+esm2?arch=src?distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.2.8.dfsg-1ubuntu1.1+esm2

Affected versions

1:1.*

1:1.2.8.dfsg-1ubuntu1

1:1.2.8.dfsg-1ubuntu1.1

1:1.2.8.dfsg-1ubuntu1.1+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "zlib1g-dbg": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib-bin": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib64z1": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib1g-dev": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib1g-udeb-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib64z1-dev": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib1g": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib-bin-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib32z1-dev-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "libx32z1-dev": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "libx32z1": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib1g-udeb": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib64z1-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib1g-dev-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "libx32z1-dev-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib32z1-dev": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib64z1-dev-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib32z1-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "libx32z1-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "zlib1g-dbgsym": "1:1.2.8.dfsg-1ubuntu1.1+esm2",
            "lib32z1": "1:1.2.8.dfsg-1ubuntu1.1+esm2"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / zlib

Package

Name: zlib
Purl: pkg:deb/ubuntu/zlib@1:1.2.8.dfsg-2ubuntu4.3+esm2?arch=src?distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.2.8.dfsg-2ubuntu4.3+esm2

Affected versions

1:1.*

1:1.2.8.dfsg-2ubuntu4

1:1.2.8.dfsg-2ubuntu4.1

1:1.2.8.dfsg-2ubuntu4.3

1:1.2.8.dfsg-2ubuntu4.3+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "zlib1g-dbg": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib64z1": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "zlib1g-dev": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "zlib1g-udeb-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib64z1-dev": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "zlib1g": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib32z1-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "libx32z1-dev": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "libx32z1": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "zlib1g-udeb": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib64z1-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "zlib1g-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "libx32z1-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib32z1-dev": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib64z1-dev-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib32z1-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "libx32z1-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "zlib1g-dbgsym": "1:1.2.8.dfsg-2ubuntu4.3+esm2",
            "lib32z1": "1:1.2.8.dfsg-2ubuntu4.3+esm2"
        }
    ]
}

Ubuntu:18.04:LTS / zlib

Package

Name: zlib
Purl: pkg:deb/ubuntu/zlib@1:1.2.11.dfsg-0ubuntu2.2?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.2.11.dfsg-0ubuntu2.2

Affected versions

1:1.*

1:1.2.11.dfsg-0ubuntu2

1:1.2.11.dfsg-0ubuntu2.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "libx32z1": "1:1.2.11.dfsg-0ubuntu2.2",
            "lib32z1": "1:1.2.11.dfsg-0ubuntu2.2",
            "zlib1g-dbg": "1:1.2.11.dfsg-0ubuntu2.2",
            "lib64z1": "1:1.2.11.dfsg-0ubuntu2.2",
            "zlib1g-dev": "1:1.2.11.dfsg-0ubuntu2.2",
            "zlib1g-udeb": "1:1.2.11.dfsg-0ubuntu2.2",
            "lib64z1-dev": "1:1.2.11.dfsg-0ubuntu2.2",
            "lib32z1-dev": "1:1.2.11.dfsg-0ubuntu2.2",
            "zlib1g": "1:1.2.11.dfsg-0ubuntu2.2",
            "libx32z1-dev": "1:1.2.11.dfsg-0ubuntu2.2"
        }
    ]
}