suse · CVE-2008-1372

Quick triage

Priority: medium Published: 2021-05-30 12:42:07 UTC Updated: 2026-04-18 20:28:31 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2008-1372 severity moderate: SUSE including 25 source package names (bzip2-1.0.5-34.246, bzip2-1.0.5-34.253.1, …), 35 product×package rows across 9 product lines (SUSE Linux Enterprise Server 11 SP1, SUSE Linux Enterprise Server 11 SP2, … (9 product lines)): Fixed 35.

Description:

bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

cvelogic Threat Intelligence