CVE 2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.
Related bugs and status
CVE-2014-4607 (Candidate) is related to these bugs:
Bug #1352421: possible denial of service or code execution via integer overflow
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1352421 | possible denial of service or code execution via integer overflow | krfb (Ubuntu) | Undecided | Fix Released | ||
1352421 | possible denial of service or code execution via integer overflow | krfb (Ubuntu Trusty) | Undecided | Fix Released | ||
1352421 | possible denial of service or code execution via integer overflow | krfb (Ubuntu Utopic) | Undecided | Fix Released |
Bug #1393264: Sync lzo2 2.08-1 (main) from Debian unstable (main)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1393264 | Sync lzo2 2.08-1 (main) from Debian unstable (main) | lzo2 (Ubuntu) | Wishlist | Fix Released |
Bug #1911440: Build using distro minilzo
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1911440 | Build using distro minilzo | grub2 (Ubuntu) | Undecided | Fix Released | ||
1911440 | Build using distro minilzo | grub2 (Ubuntu Groovy) | Undecided | Fix Released | ||
1911440 | Build using distro minilzo | grub2 (Ubuntu Hirsute) | Undecided | Fix Released | ||
1911440 | Build using distro minilzo | grub2 (Ubuntu Focal) | Undecided | Fix Released | ||
1911440 | Build using distro minilzo | grub2-signed (Ubuntu) | Undecided | Fix Released | ||
1911440 | Build using distro minilzo | grub2-signed (Ubuntu Focal) | Undecided | Fix Released | ||
1911440 | Build using distro minilzo | grub2-signed (Ubuntu Groovy) | Undecided | Fix Released | ||
1911440 | Build using distro minilzo | grub2-signed (Ubuntu Hirsute) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.