{"id":"CVE-2018-25032","details":"zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.","aliases":["GHSA-jc36-42cf-vqwj","PSF-2022-3"],"modified":"2026-03-17T09:13:53.638110Z","published":"2022-03-25T09:15:08.187Z","related":["ALSA-2022:1642","ALSA-2022:2201","ALSA-2022:7813","ALSA-2022:8420","CGA-4q25-jpxp-qpwc","MGASA-2022-0124","MGASA-2022-0314","SUSE-RU-2023:3956-1","SUSE-RU-2023:4991-1","SUSE-SU-2022:1023-1","SUSE-SU-2022:1043-1","SUSE-SU-2022:1061-1","SUSE-SU-2022:1061-2","SUSE-SU-2022:1062-1","SUSE-SU-2022:14929-1","SUSE-SU-2022:3225-1","openSUSE-SU-2022:10126-1","openSUSE-SU-2022:1061-1","openSUSE-SU-2024:11966-1","openSUSE-SU-2024:11999-1","openSUSE-SU-2024:12021-1","openSUSE-SU-2024:12042-1","openSUSE-SU-2024:12068-1","openSUSE-SU-2024:12097-1","openSUSE-SU-2024:12360-1","openSUSE-SU-2024:13165-1","openSUSE-SU-2024:13629-1","openSUSE-SU-2024:14174-1","openSUSE-SU-2025:14656-1","openSUSE-SU-2025:14697-1","openSUSE-SU-2026:10356-1"],"references":[{"type":"ADVISORY","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220729-0004/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220526-0009/"},{"type":"ADVISORY","url":"https://www.openwall.com/lists/oss-security/2022/03/28/3"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2022/May/33"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213257"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2022/May/35"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202210-42"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213256"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"},{"type":"ADVISORY","url":"https://www.openwall.com/lists/oss-security/2022/03/24/1"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213255"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2022/May/38"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2022/03/25/2"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"FIX","url":"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"},{"type":"FIX","url":"https://www.debian.org/security/2022/dsa-5111"},{"type":"FIX","url":"https://github.com/madler/zlib/issues/605"},{"type":"FIX","url":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2022/03/26/1"},{"type":"EVIDENCE","url":"https://www.openwall.com/lists/oss-security/2022/03/28/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/madler/zlib","events":[{"introduced":"0484693e1723bbab791c56f95597bd7dbe867d03"},{"fixed":"21767c654d31d2dccdde4330529775c6c5fd5389"},{"fixed":"5c44459c3b28a9bd3283aaceab7c615f8020c531"}],"database_specific":{"versions":[{"introduced":"1.2.2.2"},{"fixed":"1.2.12"}]}},{"type":"GIT","repo":"https://github.com/mariadb/server","events":[{"introduced":"0"},{"last_affected":"776555af021e917ce0d6235386b43ae59fdd5161"},{"introduced":"20ae591abd0bfe1bfaee546989ee163f4ef832b1"},{"fixed":"faddcf3c395da640b760c3f701f5bc1f3baae6c4"},{"introduced":"c761b43451d54eeeecdf3c102906fcce88d4e9d9"},{"fixed":"65e8506ca9d03967191b6ed207cf107d311f7f99"},{"introduced":"7c7f9bef28aa566557da31402142f6dd8298ddd2"},{"fixed":"1ac0bce36e5bf2136cedb1ce1da949f53cce4404"},{"introduced":"1a647b700f6b72dc97211510a5d0c647d5d3d911"},{"fixed":"b8f6d315fe4fe62ef73f6fb4f45e004fcedec20c"},{"introduced":"0"},{"fixed":"98d7ac1fbe2d61c0d21e2c22808ef808f29c0827"},{"introduced":"0"},{"fixed":"6ffbc0e510cdaafe0494acd04e48d1f44727e86a"},{"introduced":"0"},{"fixed":"10ed52767d25f3f9b9f5eee4983a3dee612ed2c6"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"10.0"},{"introduced":"10.3.0"},{"fixed":"10.3.36"},{"introduced":"10.4.0"},{"fixed":"10.4.26"},{"introduced":"10.5.0"},{"fixed":"10.5.17"},{"introduced":"10.6.0"},{"fixed":"10.6.9"},{"introduced":"10.7.0"},{"fixed":"10.7.5"},{"introduced":"10.8.0"},{"fixed":"10.8.4"},{"introduced":"10.9.0"},{"fixed":"10.9.2"}]}},{"type":"GIT","repo":"https://github.com/python/cpython","events":[{"introduced":"1bf9cc509326bc42cd8cb1650eb9bf64550d817e"},{"fixed":"e1ebdc52b8bd82a928398b0a75149552a723389a"},{"introduced":"fa919fdf2583bdfead1df00e842f24f30b2a34bf"},{"fixed":"f43e7678a1443b2583fc9bfba091b8ca7e38f075"},{"introduced":"9cf6752276e6fcfd0c23fdb064ad27f448aaaf75"},{"fixed":"6de2ca5339a83edb957e5a657ee6d6183cb3914c"},{"introduced":"b494f5935c92951e75597bfe1c8b1f3112fec270"},{"fixed":"f37715396786fd4055f5891aa16774ede26392ff"},{"introduced":"0"},{"fixed":"6046c5e0298c25515ea58abc8ab87f7413e3f743"},{"introduced":"0"},{"fixed":"6046c5e0298c25515ea58abc8ab87f7413e3f743"},{"introduced":"0"},{"fixed":"6046c5e0298c25515ea58abc8ab87f7413e3f743"},{"introduced":"0"},{"fixed":"6046c5e0298c25515ea58abc8ab87f7413e3f743"},{"introduced":"0"},{"fixed":"6046c5e0298c25515ea58abc8ab87f7413e3f743"},{"introduced":"0"},{"fixed":"6046c5e0298c25515ea58abc8ab87f7413e3f743"}],"database_specific":{"versions":[{"introduced":"3.7.0"},{"fixed":"3.7.14"},{"introduced":"3.8.0"},{"fixed":"3.8.14"},{"introduced":"3.9.0"},{"fixed":"3.9.13"},{"introduced":"3.10.0"},{"fixed":"3.10.5"},{"introduced":"0"},{"fixed":"3.0"},{"introduced":"0"},{"fixed":"3.0"},{"introduced":"0"},{"fixed":"3.0"},{"introduced":"0"},{"fixed":"3.0"},{"introduced":"0"},{"fixed":"3.0"},{"introduced":"0"},{"fixed":"3.0"}]}},{"type":"GIT","repo":"https://github.com/sparklemotion/nokogiri","events":[{"introduced":"0"},{"fixed":"4e2c4b2571dc58af294f61e6fd923f0d1698c036"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.13.4"}]}}],"versions":["1.7.0.1-linux-binary1","REL_1.0.0","REL_1.0.1","REL_1.0.2","REL_1.0.3","REL_1.0.4","REL_1.0.5","REL_1.0.6","REL_1.0.7","REL_1.1.0","REL_1.1.1","REL_1.2.0","REL_1.2.1","REL_1.2.2","REL_1.2.3","REL_1.3.0","REL_1.3.0rc1","REL_1.3.1","REL_1.3.2","REL_1.3.3","REL_1.4.0","REL_1.4.1","REL_1.4.2","REL_1.4.3","REL_1.4.3.1","REL_1.5.0.beta.1","REL_1.5.0.beta.2","v1.10.0","v1.10.0.rc1","v1.10.1","v1.10.2","v1.10.3","v1.11.0","v1.11.0.rc1","v1.11.0.rc2","v1.11.0.rc3","v1.11.0.rc4","v1.11.1","v1.11.2","v1.11.3","v1.12.0","v1.12.0.rc1","v1.12.1","v1.12.2","v1.12.3","v1.13.0","v1.13.1","v1.13.2","v1.13.3","v1.2.10","v1.2.11","v1.2.2.2","v1.2.2.3","v1.2.2.4","v1.2.3","v1.2.3.1","v1.2.3.2","v1.2.3.3","v1.2.3.4","v1.2.3.5","v1.2.3.6","v1.2.3.7","v1.2.3.8","v1.2.3.9","v1.2.4","v1.2.4-pre1","v1.2.4-pre2","v1.2.4.1","v1.2.4.2","v1.2.4.3","v1.2.4.4","v1.2.4.5","v1.2.5","v1.2.5.1","v1.2.5.2","v1.2.5.3","v1.2.6","v1.2.6.1","v1.2.7","v1.2.7.1","v1.2.7.2","v1.2.7.3","v1.2.8","v1.2.9","v1.4.4","v1.4.4.1","v1.4.4.2","v1.5.0","v1.5.0.beta.3","v1.5.0.beta.4","v1.5.1","v1.5.1.rc1","v1.5.2","v1.5.3","v1.5.3.rc1","v1.5.3.rc3","v1.5.3.rc4","v1.5.3.rc5","v1.5.3.rc6","v1.5.4","v1.5.4.rc1","v1.5.4.rc2","v1.5.4.rc3","v1.5.5","v1.5.5.rc1","v1.5.5.rc2","v1.5.5.rc3","v1.5.6","v1.5.6.rc1","v1.5.6.rc2","v1.5.7","v1.5.7.rc1","v1.5.7.rc2","v1.5.7.rc3","v1.5.8","v1.5.9","v1.6.0","v1.6.0.rc1","v1.6.2","v1.6.2.1","v1.6.2.beta.1","v1.6.2.rc1","v1.6.2.rc2","v1.6.2.rc3","v1.6.3","v1.6.3.1","v1.6.3.rc1","v1.6.3.rc2","v1.6.3.rc3","v1.6.4","v1.6.5","v1.6.6","v1.6.6.1","v1.6.6.2","v1.6.7.rc1","v1.6.7.rc2","v1.6.7.rc3","v1.6.7.rc4","v1.6.8","v1.6.8.rc1","v1.6.8.rc2","v1.6.8.rc3","v1.7.0","v1.7.0.1","v1.8.0","v1.8.1","v1.8.2","v1.8.3","v1.8.4","v1.8.5","v1.9.0","v1.9.0.rc1","v1.9.1","v3.10.0","v3.10.1","v3.10.2","v3.10.3","v3.10.4"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-25032.json","vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["141723864317747925058336557003436481538","67358590013236664675391494614848539802","302908053743602711134143963280417879769","63246384868305385028609490170472494591","197696826748605258549566037975095074473","178728171548848499097530913039572405075","239441329185959104795351783318844433913","113880934804577714788433535757505248367","186776389272425000966978050927088826772","230224791616736251459435186768860733470","315011761030768229289512186357498758174","7512418680227091364171781841596870314","337472628272406866696043769040470883323","179952937507251961654454387812217343994","52432553690372258283590198874603137476","48216828784747377600525248297419610319","167386283172557197139527567126230857405","52989523748966647699789142542497781711","104284105052473956938937706929463953108","61514555653805824093844711119884087722","261275755014155220492152028762043809052","223152562692181219827932737786788727815","251997642670575075602858006756589800988","263015191860464613075683134237649416842"]},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","deprecated":false,"target":{"file":"deflate.h"},"signature_type":"Line","id":"CVE-2018-25032-0fc51149"},{"digest":{"threshold":0.9,"line_hashes":["169072606656351450279649863850454019753","17710512698977196510172536531425461179","81495839520009362345739217355106485781","96873933899704050250074138143477389045","193018546515486736552411127981193003639","253466289704733341310999185816665865321","148742185194678940549793933445202421433","323916017316580777623465780375233230960"]},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/21767c654d31d2dccdde4330529775c6c5fd5389","deprecated":false,"target":{"file":"zlib.h"},"signature_type":"Line","id":"CVE-2018-25032-4fc4bd14"},{"digest":{"threshold":0.9,"line_hashes":["95527534056965999805195222966911308931","40377084281797978781809953378357646014","169925438748705490661276078601557135147","263420814224869622578870971980400825129","55947360462560040236426082660137443332","278112257920924414324335574811393650708","21474087875977361105189073914296703668","213530804123451704796055807666465775624","128861107472703546063652180908920042922","320638403681128379778124806992206626438","164212191260478141579821974251646259037","158218631382871507579401750610032717544","208663743624237816202707950212939183677","319931111585565094142139107543831628965","304585962814257033681920331726959626340","288091319656971273051039017292829193524","314181257043960388891286509408608660270","281348945158634912779652987617921208801","251371988921103670719178198170621178148","89228518188905023274567953372492642384","11154538915074374363518656421808658793","138692121015815931217353122397344876623","331635599745367811337070131292552797279","140300391123739811445147671784482577305","296162210247165598639726066625577764646","202179798597446626580721641273616384631","227213397709513200874059200915662776630","98431677271186169320922500200198031189","32929428429162941793112522035732042956","186318132831561585867179212354734263910","147675632396734393261281517662783924275","30425654285744897008841363475340594789","264248193964434628768022975059497886822","157856874409156161731194607198107812714","7477895630416423579748747537469175639","287319464347230740037567272479812888874","124040230490321498039465106068895104028","157856874409156161731194607198107812714","7477895630416423579748747537469175639","287319464347230740037567272479812888874","124040230490321498039465106068895104028","157856874409156161731194607198107812714","7477895630416423579748747537469175639","287319464347230740037567272479812888874","124040230490321498039465106068895104028","157856874409156161731194607198107812714","7477895630416423579748747537469175639","287319464347230740037567272479812888874","124040230490321498039465106068895104028"]},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","deprecated":false,"target":{"file":"deflate.c"},"signature_type":"Line","id":"CVE-2018-25032-561ef634"},{"digest":{"length":405,"function_hash":"183577064079204038223351938506323241649"},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","deprecated":false,"target":{"function":"_tr_tally_dist","file":"deflate.h"},"signature_type":"Function","id":"CVE-2018-25032-6531a8a2"},{"digest":{"threshold":0.9,"line_hashes":["214744496223247653368558617428211201099","253050378431180911023762193025223910616","87923266587290958873099049929578195305","127855408725286484088217530625603664819","87037018033221873688859225337419891466","29148570494249790744157799622586398125","338517306195430233433283683433328742620","301380373821772771150528019183428157261"]},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/21767c654d31d2dccdde4330529775c6c5fd5389","deprecated":false,"target":{"file":"inftrees.c"},"signature_type":"Line","id":"CVE-2018-25032-9099e612"},{"digest":{"length":258,"function_hash":"197602208888546417884389429356439392046"},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","deprecated":false,"target":{"function":"_tr_tally_lit","file":"deflate.h"},"signature_type":"Function","id":"CVE-2018-25032-b8d1705b"},{"digest":{"length":1094,"function_hash":"96567548985656349046472553596954460768"},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/faddcf3c395da640b760c3f701f5bc1f3baae6c4","deprecated":false,"target":{"function":"find_set","file":"sql/strfunc.cc"},"signature_type":"Function","id":"CVE-2018-25032-bab28f5d"},{"digest":{"threshold":0.9,"line_hashes":["275729980329486640864871635647500674241","36310519418943524490990280449166385695","83093560647248392120903241051961354577","15559684812814601637683710660364447171","124457097401623797224694666739951043404","170040189433616466552056819666133826240","37728164962488204105515535869221895289","318974904746630559889012130340606527190","203420035528872593117691111285885472961","281432424335107080520185873839181488805","263446684365866307309878265978833443492","180904249670093724273103375739725429001","157392680355378625847726856020041717172","98431604612329735115473080898565296646","104463810397730140048307147091942102116","695108473130459805652151375261153836","260256238173438554145983822103816123323","55563018243523296312660524556172760836","54521747130159132355809839883599176076","284183267864467478325414241930994380573","317226498807644787217983491378508508945","294461928729349457650093699995822630553","23843344622014854395634360508374769167","181349001937904947627317717850091119788","247642861271588735194604471829776102269","241241107559885235631428206071269883582","71389195349489551025665626279939797786","305697195570412995838641631157082682039","271659869836972134851981129039061253853","114017433329083463939489002363684398859","243284635003099158607636791722620798624","254090499493632955889431416931979758708","280994057955809864110825216049260260568","189542929523420146747088537002250990400","264830883514038256125886789433363475321","208672719471545000741289466095903292417","81191180630014765923302463762403452970","289565422209295032945524427625623770663","228817909144996188778908253764289710103","324270781134441179326963692477977264994","228478318158434263888083744272467519845","314337177623198088727946449990923729069","306782173303871066853395012939350031227","236509791217529222740138786750656921902","150138996121765241686509325879686315727","144184067178449835701555955902902643889","95046897030385651463719084436879453213","234560781543869297759876207381494709077"]},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","deprecated":false,"target":{"file":"trees.c"},"signature_type":"Line","id":"CVE-2018-25032-eaa7586e"},{"digest":{"threshold":0.9,"line_hashes":["271363707396860767418283350345897486504","120596951573328682502907908502941671745","115421961338400510566446524145876737974","64074615696916198601226435566349591945"]},"signature_version":"v1","source":"https://github.com/mariadb/server/commit/faddcf3c395da640b760c3f701f5bc1f3baae6c4","deprecated":false,"target":{"file":"sql/strfunc.cc"},"signature_type":"Line","id":"CVE-2018-25032-ee10862f"},{"digest":{"threshold":0.9,"line_hashes":["126645371934723795408240054134084952125","322307427315863238317112620933022021501","256503866570416506295079035505712108155","15806894764804274414459352727020678022","314889920572542091506181723470559893645","177217552855493665874390356969939697929","139935676736971979223979138843256805157","280500335852305858214095586379792500585"]},"signature_version":"v1","source":"https://github.com/madler/zlib/commit/21767c654d31d2dccdde4330529775c6c5fd5389","deprecated":false,"target":{"file":"contrib/infback9/inftree9.c"},"signature_type":"Line","id":"CVE-2018-25032-fa847818"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"10.15"},{"fixed":"10.15.7"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2020"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2020\\-001"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2020\\-005"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2020\\-007"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2021\\-001"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2021\\-002"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2021\\-003"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2021\\-006"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2021\\-007"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2021\\-008"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2022\\-001"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2022\\-002"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-security_update_2022\\-003"}]},{"events":[{"introduced":"11.0"},{"fixed":"11.6.6"}]},{"events":[{"introduced":"12.0.0"},{"fixed":"12.4"}]},{"events":[{"introduced":"11.0.0"},{"last_affected":"11.70.2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.45"}]},{"events":[{"introduced":"0"},{"last_affected":"7.52"}]},{"events":[{"introduced":"0"},{"last_affected":"8.60"}]},{"events":[{"introduced":"0"},{"last_affected":"11.54"}]},{"events":[{"introduced":"0"},{"last_affected":"13.46"}]},{"events":[{"introduced":"0"},{"last_affected":"15.38"}]},{"events":[{"introduced":"0"},{"last_affected":"17.32"}]},{"events":[{"introduced":"0"},{"fixed":"11.9.18"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}