CVE-2026-42250

Vulnerability Description

bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of service).

This issue was fixed in bzip2 version 1.0.9

Vulnerability Details

Published Date

May 28, 2026

Last Modified

May 28, 2026

CWE ID

CWE-787

Source

NVD

Vendor

bzip2

Product

bzip2

External References

https://cert.pl/en/posts/2026/05/CVE-2026-42250/
https://sourceware.org/bzip2/

CVE-2026-42250

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment