NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-42250

Summary	bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of service). This issue was fixed in bzip2 patch 35d122a3df8b0cc4082a4d89fdc6ee99f375fe67
Publication Date	May 28, 2026, 11:16 p.m.
Registration Date	May 29, 2026, 4:14 a.m.
Last Update	May 29, 2026, 3:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://cert.pl/en/posts/2026/05/CVE-2026-42250/	cvd@cert.pl
2	https://inbox.sourceware.org/bzip2-devel/20260528145407.293768-1-mark@klomp.org/	cvd@cert.pl
3	https://sourceware.org/bzip2/	cvd@cert.pl
4	https://sourceware.org/cgit/bzip2/commit/?id=35d122a3df8b0cc4082a4d89fdc6ee99f375fe67	cvd@cert.pl

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-787	境界外書き込み	https://cwe.mitre.org/data/definitions/787.html