Home

CVE-2019-12900

Description

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.132

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-3189,CVE-2019-12900 are affected in Python 3.10.2Windows
Vulnerabilities CVE-2016-3189,CVE-2019-12900 are affected in Python 3.7.12Windows
Vulnerabilities CVE-2019-12900 are affected in Python 3.8.12Windows
Vulnerabilities CVE-2016-3189,CVE-2019-12900 are affected in Python 3.9.10Windows
Anti-virus utility for Unix (USN-4146-1) clamav_0.101.4+dfsg-0ubuntu0.16.04.1_i386.debLinux
Anti-virus utility for Unix (USN-4146-1) clamav_0.101.4+dfsg-0ubuntu0.16.04.1_amd64.debLinux
Anti-virus utility for Unix (USN-4146-1) clamav_0.101.4+dfsg-0ubuntu0.18.04.1_i386.debLinux
Anti-virus utility for Unix (USN-4146-1) clamav_0.101.4+dfsg-0ubuntu0.18.04.1_amd64.debLinux
Anti-virus utility for Unix (USN-4146-1) clamav_0.101.4+dfsg-0ubuntu0.19.04.1_i386.debLinux
Anti-virus utility for Unix (USN-4146-1) clamav_0.101.4+dfsg-0ubuntu0.19.04.1_amd64.debLinux
SUSE-SU-2019:3066-1(SUSE Linux Enterprise Desktop 12-SP4 ) clamav-0.100.3-33.26.1.x86_64.rpmLinux
SUSE-SU-2019:3066-1(SUSE Linux Enterprise Desktop 12-SP4 ) clamav-debuginfo-0.100.3-33.26.1.x86_64.rpmLinux
SUSE-SU-2019:3066-1(SUSE Linux Enterprise Desktop 12-SP4 ) clamav-debugsource-0.100.3-33.26.1.x86_64.rpmLinux
SUSE-SU-2020:3729-1(SUSE Linux Enterprise Server 12-SP5 ) clamav-0.103.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2020:3729-1(SUSE Linux Enterprise Server 12-SP5 ) clamav-debuginfo-0.103.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2020:3729-1(SUSE Linux Enterprise Server 12-SP5 ) clamav-debugsource-0.103.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) bzip2-1.0.6-30.8.1.x86_64.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) bzip2-debuginfo-1.0.6-30.8.1.x86_64.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) bzip2-debugsource-1.0.6-30.8.1.x86_64.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) bzip2-doc-1.0.6-30.8.1.noarch.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) libbz2-1-1.0.6-30.8.1.x86_64.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) libbz2-1-32bit-1.0.6-30.8.1.x86_64.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) libbz2-1-debuginfo-1.0.6-30.8.1.x86_64.rpmLinux
SUSE-SU-2019:2013-1(SUSE Linux Enterprise Server 12-SP5) libbz2-1-debuginfo-32bit-1.0.6-30.8.1.x86_64.rpmLinux
bzip2 Security Update (ALAS-2021-1652) bzip2-1.0.6-13.amzn2.0.3.x86_64.rpmLinux
bzip2 Security Update (ALAS-2021-1652) bzip2-libs-1.0.6-13.amzn2.0.3.i686.rpmLinux
bzip2 Security Update (ALAS-2021-1652) bzip2-libs-1.0.6-13.amzn2.0.3.x86_64.rpmLinux
bzip2 Security Update (ALAS-2021-1652) bzip2-devel-1.0.6-13.amzn2.0.3.x86_64.rpmLinux
Bzip2-libs update (ELSA-2024-8922) bzip2-libs-1.0.6-27.el8_10.x86_64.rpmLinux
Bzip2-libs update (ELSA-2024-8922) bzip2-libs-1.0.6-27.el8_10.i686.rpmLinux
Bzip2-devel update (ELSA-2024-8922) bzip2-devel-1.0.6-27.el8_10.x86_64.rpmLinux
Bzip2-devel update (ELSA-2024-8922) bzip2-devel-1.0.6-27.el8_10.i686.rpmLinux
Bzip2 update (ELSA-2024-8922) bzip2-1.0.6-27.el8_10.x86_64.rpmLinux
(RHSA-2024:8922)Low: security update bzip2-libs-1.0.6-27.el8_10.x86_64.rpmLinux
(RHSA-2024:8922)Low: security update bzip2-libs-1.0.6-27.el8_10.i686.rpmLinux
(RHSA-2024:8922)Low: security update bzip2-devel-1.0.6-27.el8_10.x86_64.rpmLinux
(RHSA-2024:8922)Low: security update bzip2-devel-1.0.6-27.el8_10.i686.rpmLinux
(RHSA-2024:8922)Low: security update bzip2-1.0.6-27.el8_10.x86_64.rpmLinux
bzip2 security update (RLSA-2024:8922) bzip2-1.0.6-27.el8_10.x86_64.rpmLinux
bzip2 security update (RLSA-2024:8922) bzip2-devel-1.0.6-27.el8_10.i686.rpmLinux
bzip2 security update (RLSA-2024:8922) bzip2-devel-1.0.6-27.el8_10.x86_64.rpmLinux
bzip2 security update (RLSA-2024:8922) bzip2-libs-1.0.6-27.el8_10.i686.rpmLinux
bzip2 security update (RLSA-2024:8922) bzip2-libs-1.0.6-27.el8_10.x86_64.rpmLinux
Bzip2-libs update (ELSA-2024-8922) bzip2-libs-1.0.6-27.0.1.el8_10.x86_64.rpmLinux
Bzip2-libs update (ELSA-2024-8922) bzip2-libs-1.0.6-27.0.1.el8_10.i686.rpmLinux
Bzip2-devel update (ELSA-2024-8922) bzip2-devel-1.0.6-27.0.1.el8_10.x86_64.rpmLinux
Bzip2-devel update (ELSA-2024-8922) bzip2-devel-1.0.6-27.0.1.el8_10.i686.rpmLinux
Bzip2 update (ELSA-2024-8922) bzip2-1.0.6-27.0.1.el8_10.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-virtd-tcp-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-virtd-serial-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-virtd-multicast-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-virtd-libvirt-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-virtd-cpg-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-virtd-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-virt-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-agents-virsh-4.10.0-83.el9.noarch.rpmLinux
fence update (CESAS-2025-0018) fence-agents-kubevirt-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-agents-ibm-vpc-4.10.0-83.el9.noarch.rpmLinux
fence update (CESAS-2025-0018) fence-agents-ibm-powervs-4.10.0-83.el9.noarch.rpmLinux
fence update (CESAS-2025-0018) fence-agents-compute-4.10.0-83.el9.x86_64.rpmLinux
fence update (CESAS-2025-0018) fence-agents-common-4.10.0-83.el9.noarch.rpmLinux
bzip2 update (CESAS-2025-0019) bzip2-libs-1.0.8-10.el9.x86_64.rpmLinux
bzip2 update (CESAS-2025-0019) bzip2-libs-1.0.8-10.el9.i686.rpmLinux
bzip2 update (CESAS-2025-0018) bzip2-devel-1.0.8-10.el9.x86_64.rpmLinux
bzip2 update (CESAS-2025-0018) bzip2-devel-1.0.8-10.el9.i686.rpmLinux
bzip2 update (CESAS-2025-0019) bzip2-1.0.8-10.el9.x86_64.rpmLinux
perf update (CESAS-2025-0015) perf-6.12.0-43.el10.x86_64.rpmLinux
Bzip2 update (ELSA-2025-0733) bzip2-1.0.6-28.el8_10.x86_64.rpmLinux
Bzip2-libs update (ELSA-2025-0733) bzip2-libs-1.0.6-28.el8_10.x86_64.rpmLinux
Bzip2-libs update (ELSA-2025-0733) bzip2-libs-1.0.6-28.el8_10.i686.rpmLinux
Bzip2-devel update (ELSA-2025-0733) bzip2-devel-1.0.6-28.el8_10.x86_64.rpmLinux
Bzip2-devel update (ELSA-2025-0733) bzip2-devel-1.0.6-28.el8_10.i686.rpmLinux
(RHSA-2025:0733)Moderate: security update bzip2-libs-1.0.6-28.el8_10.x86_64.rpmLinux
(RHSA-2025:0733)Moderate: security update bzip2-libs-1.0.6-28.el8_10.i686.rpmLinux
(RHSA-2025:0733)Moderate: security update bzip2-devel-1.0.6-28.el8_10.x86_64.rpmLinux
(RHSA-2025:0733)Moderate: security update bzip2-devel-1.0.6-28.el8_10.i686.rpmLinux
(RHSA-2025:0733)Moderate: security update bzip2-1.0.6-28.el8_10.x86_64.rpmLinux
Bzip2-libs update (ELSA-2025-0925) bzip2-libs-1.0.8-10.el9_5.x86_64.rpmLinux
Bzip2-libs update (ELSA-2025-0925) bzip2-libs-1.0.8-10.el9_5.i686.rpmLinux
Bzip2-devel update (ELSA-2025-0925) bzip2-devel-1.0.8-10.el9_5.x86_64.rpmLinux
Bzip2-devel update (ELSA-2025-0925) bzip2-devel-1.0.8-10.el9_5.i686.rpmLinux
Bzip2 update (ELSA-2025-0925) bzip2-1.0.8-10.el9_5.x86_64.rpmLinux
bzip2 update (CESAS-2025-0044) bzip2-1.0.8-25.el10.x86_64.rpmLinux
bzip2 update (CESAS-2025-0039) bzip2-devel-1.0.8-25.el10.x86_64.rpmLinux
bzip2 update (CESAS-2025-0044) bzip2-libs-1.0.8-25.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-all-langpacks-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-common-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0038) glibc-devel-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0038) glibc-doc-2.39-37.el10.noarch.rpmLinux
glibc update (CESAS-2025-0044) glibc-gconv-extra-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-aa-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-af-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-agr-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-ak-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-am-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-an-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-anp-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-ar-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-as-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-ast-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-ayc-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-az-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-be-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bem-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-ber-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bg-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bhb-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bho-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bi-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bn-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bo-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-br-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-brx-2.39-37.el10.x86_64.rpmLinux
glibc update (CESAS-2025-0044) glibc-langpack-bs-2.39-37.el10.x86_64.rpmLinux
bzip2 security update (RLSA-2025:0733) bzip2-libs-1.0.6-28.el8_10.x86_64.rpmLinux
bzip2 security update (RLSA-2025:0733) bzip2-libs-1.0.6-28.el8_10.i686.rpmLinux
bzip2 security update (RLSA-2025:0733) bzip2-devel-1.0.6-28.el8_10.x86_64.rpmLinux
bzip2 security update (RLSA-2025:0733) bzip2-devel-1.0.6-28.el8_10.i686.rpmLinux
bzip2 security update (RLSA-2025:0733) bzip2-1.0.6-28.el8_10.x86_64.rpmLinux
bzip2 security update (RLSA-2025:0925) bzip2-libs-1.0.8-10.el9_5.x86_64.rpmLinux
bzip2 security update (RLSA-2025:0925) bzip2-libs-1.0.8-10.el9_5.i686.rpmLinux
bzip2 security update (RLSA-2025:0925) bzip2-devel-1.0.8-10.el9_5.x86_64.rpmLinux
bzip2 security update (RLSA-2025:0925) bzip2-devel-1.0.8-10.el9_5.i686.rpmLinux
bzip2 security update (RLSA-2025:0925) bzip2-1.0.8-10.el9_5.x86_64.rpmLinux
Moderate: bzip2 security update bzip2-1.0.6-28.el8_10.x86_64.rpmLinux
Moderate: bzip2 security update bzip2-devel-1.0.6-28.el8_10.i686.rpmLinux
Moderate: bzip2 security update bzip2-devel-1.0.6-28.el8_10.x86_64.rpmLinux
Moderate: bzip2 security update bzip2-libs-1.0.6-28.el8_10.i686.rpmLinux
Moderate: bzip2 security update bzip2-libs-1.0.6-28.el8_10.x86_64.rpmLinux
Moderate: bzip2 security update bzip2-1.0.8-10.el9_5.x86_64.rpmLinux
Moderate: bzip2 security update bzip2-devel-1.0.8-10.el9_5.i686.rpmLinux
Moderate: bzip2 security update bzip2-devel-1.0.8-10.el9_5.x86_64.rpmLinux
Moderate: bzip2 security update bzip2-libs-1.0.8-10.el9_5.i686.rpmLinux
Moderate: bzip2 security update bzip2-libs-1.0.8-10.el9_5.x86_64.rpmLinux
Out-of-bounds Write Vulnerability (CVE-2019-12900)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234