ID

VAR-202208-0404

CVE

CVE-2022-37434

TITLE

zlib Buffer error vulnerability

DESCRIPTION

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5218-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso August 25, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : zlib CVE ID : CVE-2022-37434 Debian Bug : 1016710 Evgeny Legerov reported a heap-based buffer overflow vulnerability in the inflate operation in zlib, which could result in denial of service or potentially the execution of arbitrary code if specially crafted input is processed. For the stable distribution (bullseye), this problem has been fixed in version 1:1.2.11.dfsg-2+deb11u2. We recommend that you upgrade your zlib packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: zlib security update Advisory ID: RHSA-2023:1095-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1095 Issue date: 2023-03-07 CVE Names: CVE-2022-37434 ==================================================================== 1. Summary: An update for zlib is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: zlib-1.2.7-21.el7_9.src.rpm x86_64: zlib-1.2.7-21.el7_9.i686.rpm zlib-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: minizip-1.2.7-21.el7_9.i686.rpm minizip-1.2.7-21.el7_9.x86_64.rpm minizip-devel-1.2.7-21.el7_9.i686.rpm minizip-devel-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm zlib-devel-1.2.7-21.el7_9.i686.rpm zlib-devel-1.2.7-21.el7_9.x86_64.rpm zlib-static-1.2.7-21.el7_9.i686.rpm zlib-static-1.2.7-21.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: zlib-1.2.7-21.el7_9.src.rpm x86_64: zlib-1.2.7-21.el7_9.i686.rpm zlib-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: minizip-1.2.7-21.el7_9.i686.rpm minizip-1.2.7-21.el7_9.x86_64.rpm minizip-devel-1.2.7-21.el7_9.i686.rpm minizip-devel-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm zlib-devel-1.2.7-21.el7_9.i686.rpm zlib-devel-1.2.7-21.el7_9.x86_64.rpm zlib-static-1.2.7-21.el7_9.i686.rpm zlib-static-1.2.7-21.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: zlib-1.2.7-21.el7_9.src.rpm ppc64: zlib-1.2.7-21.el7_9.ppc.rpm zlib-1.2.7-21.el7_9.ppc64.rpm zlib-debuginfo-1.2.7-21.el7_9.ppc.rpm zlib-debuginfo-1.2.7-21.el7_9.ppc64.rpm zlib-devel-1.2.7-21.el7_9.ppc.rpm zlib-devel-1.2.7-21.el7_9.ppc64.rpm ppc64le: zlib-1.2.7-21.el7_9.ppc64le.rpm zlib-debuginfo-1.2.7-21.el7_9.ppc64le.rpm zlib-devel-1.2.7-21.el7_9.ppc64le.rpm s390x: zlib-1.2.7-21.el7_9.s390.rpm zlib-1.2.7-21.el7_9.s390x.rpm zlib-debuginfo-1.2.7-21.el7_9.s390.rpm zlib-debuginfo-1.2.7-21.el7_9.s390x.rpm zlib-devel-1.2.7-21.el7_9.s390.rpm zlib-devel-1.2.7-21.el7_9.s390x.rpm x86_64: zlib-1.2.7-21.el7_9.i686.rpm zlib-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm zlib-devel-1.2.7-21.el7_9.i686.rpm zlib-devel-1.2.7-21.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: minizip-1.2.7-21.el7_9.ppc.rpm minizip-1.2.7-21.el7_9.ppc64.rpm minizip-devel-1.2.7-21.el7_9.ppc.rpm minizip-devel-1.2.7-21.el7_9.ppc64.rpm zlib-debuginfo-1.2.7-21.el7_9.ppc.rpm zlib-debuginfo-1.2.7-21.el7_9.ppc64.rpm zlib-static-1.2.7-21.el7_9.ppc.rpm zlib-static-1.2.7-21.el7_9.ppc64.rpm ppc64le: minizip-1.2.7-21.el7_9.ppc64le.rpm minizip-devel-1.2.7-21.el7_9.ppc64le.rpm zlib-debuginfo-1.2.7-21.el7_9.ppc64le.rpm zlib-static-1.2.7-21.el7_9.ppc64le.rpm s390x: minizip-1.2.7-21.el7_9.s390.rpm minizip-1.2.7-21.el7_9.s390x.rpm minizip-devel-1.2.7-21.el7_9.s390.rpm minizip-devel-1.2.7-21.el7_9.s390x.rpm zlib-debuginfo-1.2.7-21.el7_9.s390.rpm zlib-debuginfo-1.2.7-21.el7_9.s390x.rpm zlib-static-1.2.7-21.el7_9.s390.rpm zlib-static-1.2.7-21.el7_9.s390x.rpm x86_64: minizip-1.2.7-21.el7_9.i686.rpm minizip-1.2.7-21.el7_9.x86_64.rpm minizip-devel-1.2.7-21.el7_9.i686.rpm minizip-devel-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm zlib-static-1.2.7-21.el7_9.i686.rpm zlib-static-1.2.7-21.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: zlib-1.2.7-21.el7_9.src.rpm x86_64: zlib-1.2.7-21.el7_9.i686.rpm zlib-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm zlib-devel-1.2.7-21.el7_9.i686.rpm zlib-devel-1.2.7-21.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: minizip-1.2.7-21.el7_9.i686.rpm minizip-1.2.7-21.el7_9.x86_64.rpm minizip-devel-1.2.7-21.el7_9.i686.rpm minizip-devel-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.rpm zlib-debuginfo-1.2.7-21.el7_9.x86_64.rpm zlib-static-1.2.7-21.el7_9.i686.rpm zlib-static-1.2.7-21.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-37434 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZAcuDNzjgjWX9erEAQhBfxAAnzhxAmg+iqzHC7pYiVpoAR4rHumYqU06 6mzA0Y2UcTuzx/baoTpN2lxDJlKcJxijzXAVFDVK/FMfxeznMSl5LziNzdc07Vb0 rlNzQ0UXCaRAOVrHI4cWIi+XOLnwfFT+3ZzLGnIni6ZvdMroQCNJ2AlfLCeQwZ4M 59JZeHsYMJTg2E/sgQ9KALmCA+g+XVPmjrigoEG2DSOgXS/65t0SQ0DvMDeN8nT2 G9fWqBwDZpJcgqUTDI/5JSQ0kgENR4KLmnxbRJETHvydH+0LBlthqNSGmEWuVJYe /Uw/YoffoP3tDzITzJEk5PdN6Y53atG25haf7wLmKWmfWdd2sfNqIOWZN7iUrpGG V/pWF0kamiyrJ3CzLCr73hKWwaN3+tKyX5NlwFyKg67EwujAVS8upcGLgCCy/TDc VuvvK6JiXgz0ieqhfoUXLOw4blF30OnUWWe2WHNTmXxEagRWFDmcyau0+xCs6ZtI 0e/9w8fC8qG79T8tlfM3QbYljHeyDwYRLu8S4D00eQD/KBRTren40qhDiYMjcvtQ hAgDKEkcDR1cKDgalHCNpEWN+WWJdQbCetrAzkqinbVnjXVtNlrVQrgQrQF8RvsA 4vKUM3m4sedi7CblWgtPtUU4KiLNlq2oF03RjrVnW1FohuOJ8oRQ4pnb/5iZ9b1h huKrzrky4/I=yKEJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based Middleware Containers. Description: The rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator operator has been updated for RHEL-8 based Middleware Containers to address the following security issues. Users of rh-sso-7/sso76-openshift-rhel8 container images and rh-sso-7/sso7-rhel8-operator operator are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in Red Hat Container Catalog (see References). Solution: The RHEL-8 based Middleware Containers container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References). Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/): 2138971 - CVE-2022-3782 keycloak: path traversal via double URL encoding 2141404 - CVE-2022-3916 keycloak: Session takeover with OIDC offline refreshtokens 5. JIRA issues fixed (https://issues.jboss.org/): CIAM-4412 - Build new OCP image for rh-sso-7/sso76-openshift-rhel8 CIAM-4413 - Generate new operator bundle image for this patch 6. Bugs fixed (https://bugzilla.redhat.com/): 2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays 5. JIRA issues fixed (https://issues.jboss.org/): LOG-3250 - [release-5.4] FluentdQueueLengthIncreasing rule failing to be evaluated. LOG-3252 - [release-5.4]Adding Valid Subscription Annotation 6. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/): 2129679 - clusters belong to global clusterset is not selected by placement when rescheduling 2134609 - CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function 2139085 - RHACM 2.6.3 images 2149181 - CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements 5. Summary: Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Description: Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/ Security fixes: * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129) * nodejs: undici vulnerable to CRLF via content headers (CVE-2022-35948) * nodejs: undici.request vulnerable to SSRF (CVE-2022-35949) * terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858) * search-api: SQL injection leads to remote denial of service (CVE-2022-2238) Bug fix: * RHACM 2.4.8 images (BZ# 2130745) 3. Solution: For Red Hat Advanced Cluster Management for Kubernetes, see the following documentation, which will be updated shortly for this release, for important instructions on installing this update: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing 4. Bugs fixed (https://bugzilla.redhat.com/): 2101669 - CVE-2022-2238 search-api: SQL injection leads to remote denial of service 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 2121068 - CVE-2022-35949 nodejs: undici.request vulnerable to SSRF 2121101 - CVE-2022-35948 nodejs: undici vulnerable to CRLF via content headers 2126277 - CVE-2022-25858 terser: insecure use of regular expressions leads to ReDoS 2130745 - RHACM 2.4.8 images 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-8 Additional information for APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1 macOS Big Sur 11.7.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213493. AppleMobileFileIntegrity Available for: macOS Big Sur Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) Audio Available for: macOS Big Sur Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: The issue was addressed with improved memory handling. CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative Entry added October 27, 2022 Kernel Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 ppp Available for: macOS Big Sur Impact: A buffer overflow may result in arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32941: an anonymous researcher Entry added October 27, 2022 Ruby Available for: macOS Big Sur Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: A memory corruption issue was addressed by updating Ruby to version 2.6.10. CVE-2022-28739 Sandbox Available for: macOS Big Sur Impact: An app with root privileges may be able to access private information Description: This issue was addressed with improved data protection. CVE-2022-32862: an anonymous researcher zlib Available for: macOS Big Sur Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-37434: Evgeny Legerov CVE-2022-42800: Evgeny Legerov Entry added October 27, 2022 macOS Big Sur 11.7.1 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. ========================================================================== Ubuntu Security Notice USN-6736-1 April 16, 2024 klibc vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in klibc. Software Description: - klibc: small utilities built with klibc for early boot Details: It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841) Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2018-25032) Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2022-37434) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.10: klibc-utils 2.0.13-1ubuntu0.1 libklibc 2.0.13-1ubuntu0.1 Ubuntu 22.04 LTS: klibc-utils 2.0.10-4ubuntu0.1 libklibc 2.0.10-4ubuntu0.1 Ubuntu 20.04 LTS: klibc-utils 2.0.7-1ubuntu5.2 libklibc 2.0.7-1ubuntu5.2 Ubuntu 18.04 LTS (Available with Ubuntu Pro): klibc-utils 2.0.4-9ubuntu2.2+esm1 libklibc 2.0.4-9ubuntu2.2+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): klibc-utils 2.0.4-8ubuntu1.16.04.4+esm2 libklibc 2.0.4-8ubuntu1.16.04.4+esm2 Ubuntu 14.04 LTS (Available with Ubuntu Pro): klibc-utils 2.0.3-0ubuntu1.14.04.3+esm3 libklibc 2.0.3-0ubuntu1.14.04.3+esm3 In general, a standard system update will make all the necessary changes

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer error

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2026-04-18T22:29:06.873000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE