CVE-2019-17543 - Out-of-bounds Write vulnerability in LZ4 Project LZ4
Metric | Value |
---|---|
Attack vector | NETWORK |
Attack complexity | HIGH |
Privileges required | NONE |
Confidentiality impact | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Summary
LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."
Vulnerable Configurations
Part | Count |
---|---|
Application | 11 |
Common Weakness Enumeration (CWE)
Nessus
- Plugin id 130360 (published 2019-10-29, modified 2020-06-02, last seen 2020-06-01)
  NASL family: SuSE Local Security Checks
  NASL id: OPENSUSE-2019-2399.NASL
  Title: openSUSE Security Update : lz4 (openSUSE-2019-2399)
  Description: This update for lz4 fixes the following issues: CVE-2019-17543: Fixed a heap-based buffer overflow in LZ4_write32 (bsc#1153936). This update was imported from the SUSE:SLE-15:Update update project.
  Reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/130360
- Plugin id 132165 (published 2019-12-18, modified 2019-12-18, last seen 2020-05-08)
  NASL family: Huawei Local Security Checks
  NASL id: EULEROS_SA-2019-2630.NASL
  Title: EulerOS 2.0 SP3 : lz4 (EulerOS-SA-2019-2630)
  Description: According to the version of the lz4 package installed, the EulerOS installation on the remote host is affected by the following vulnerability: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states
  Reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/132165
- Plugin id 131816 (published 2019-12-09, modified 2019-12-09, last seen 2020-05-08)
  NASL family: Huawei Local Security Checks
  NASL id: EULEROS_SA-2019-2542.NASL
  Title: EulerOS 2.0 SP5 : lz4 (EulerOS-SA-2019-2542)
  Description: According to the version of the lz4 package installed, the EulerOS installation on the remote host is affected by the following vulnerability: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states
  Reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/131816
- Plugin id 130359 (published 2019-10-29, modified 2020-06-02, last seen 2020-06-01)
  NASL family: SuSE Local Security Checks
  NASL id: OPENSUSE-2019-2398.NASL
  Title: openSUSE Security Update : lz4 (openSUSE-2019-2398)
  Description: This update for lz4 fixes the following issues: CVE-2019-17543: Fixed a heap-based buffer overflow in LZ4_write32 (bsc#1153936). This update was imported from the SUSE:SLE-15:Update update project.
  Reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/130359
- Plugin id 136094 (published 2020-04-29, modified 2020-04-29, last seen 2020-05-03)
  NASL family: PhotonOS Local Security Checks
  NASL id: PHOTONOS_PHSA-2020-3_0-0083_LZ4.NASL
  Title: Photon OS 3.0: Lz4 PHSA-2020-3.0-0083
  Description: An update of the lz4 package has been released.
  Reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/136094
- Plugin id 131357 (published 2019-11-27, modified 2019-11-27, last seen 2020-05-03)
  NASL family: Huawei Local Security Checks
  NASL id: EULEROS_SA-2019-2291.NASL
  Title: EulerOS 2.0 SP8 : lz4 (EulerOS-SA-2019-2291)
  Description: According to the version of the lz4 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states
  Reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/131357
- Plugin id 131852 (published 2019-12-10, modified 2019-12-10, last seen 2020-05-08)
  NASL family: Huawei Local Security Checks
  NASL id: EULEROS_SA-2019-2360.NASL
  Title: EulerOS 2.0 SP2 : lz4 (EulerOS-SA-2019-2360)
  Description: According to the version of the lz4 package installed, the EulerOS installation on the remote host is affected by the following vulnerability: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states
  Reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/131852
- Plugin id 134551 (published 2020-03-13, modified 2020-03-13, last seen 2020-03-19)
  NASL family: Huawei Local Security Checks
  NASL id: EULEROS_SA-2020-1262.NASL
  Title: EulerOS Virtualization for ARM 64 3.0.2.0 : lz4 (EulerOS-SA-2020-1262)
  Description: According to the version of the lz4 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) (CVE-2019-17543) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  Reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/134551
- Plugin id 130199 (published 2019-10-24, modified 2020-06-02, last seen 2020-06-01)
  NASL family: SuSE Local Security Checks
  NASL id: SUSE_SU-2019-2757-1.NASL
  Title: SUSE SLED15 / SLES15 Security Update : lz4 (SUSE-SU-2019:2757-1)
  Description: This update for lz4 fixes the following issues: CVE-2019-17543: Fixed a heap-based buffer overflow in LZ4_write32 (bsc#1153936). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  Reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/130199
- Plugin id 132811 (published 2020-01-13, modified 2020-06-02, last seen 2020-06-01)
  NASL family: Huawei Local Security Checks
  NASL id: EULEROS_SA-2020-1057.NASL
  Title: EulerOS Virtualization for ARM 64 3.0.5.0 : lz4 (EulerOS-SA-2020-1057)
  Description: According to the version of the lz4 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) (CVE-2019-17543) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  Reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/132811
- Plugin id 136332 (published 2020-05-05, modified 2020-05-05, last seen 2020-05-08)
  NASL family: PhotonOS Local Security Checks
  NASL id: PHOTONOS_PHSA-2020-2_0-0235_LZ4.NASL
  Title: Photon OS 2.0: Lz4 PHSA-2020-2.0-0235
  Description: An update of the lz4 package has been released.
  Reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  Source: https://www.tenable.com/plugins/nessus/136332
References
- https://github.com/lz4/lz4/pull/756
- https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941
- https://github.com/lz4/lz4/pull/760
- https://github.com/lz4/lz4/issues/801
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://security.netapp.com/advisory/ntap-20210723-0001/
- https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3%40%3Cissues.arrow.apache.org%3E
- https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3%40%3Cdev.arrow.apache.org%3E
- https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357%40%3Cissues.arrow.apache.org%3E
- https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316%40%3Cissues.arrow.apache.org%3E
- https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17%40%3Cissues.arrow.apache.org%3E
- https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6%40%3Cissues.arrow.apache.org%3E
- https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960%40%3Cissues.kudu.apache.org%3E
- https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720%40%3Cissues.kudu.apache.org%3E
- https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26%40%3Cissues.kudu.apache.org%3E