CVE-2018-25032: Buffer Overflow
Published Apr 20, 2018
·Updated
AMD. A buffer overflow issue was addressed with improved memory handling.
Other sources
AMD. A memory corruption issue was addressed with improved state management.
— Apple
An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating (ex: when compressing) if the input has many distant matches. For some rare inputs with a large number of distant matches (crafted payloads), the buffer into which the compressed or deflated data is written can overwrite the distance symbol table which it overlays. This issue results in corrupted output due to invalid distances, which leads to out-of-bound access, corrupting the memory and potentially crashing the application.
apache. Multiple issues were addressed by updating apache to version 2.4.53.
— Apple
AppKit. A logic issue was addressed with improved validation.
— Apple
AppleAVD. An out-of-bounds write issue was addressed with improved bounds checking.
— Apple
Credit
Tavis Ormandy, Arsenii Kostromin (0x3c3e)(Microsoft), Jonathan Bar Or(Microsoft), Zhipeng Huo@@R3dF09(Tencent Security Xuanwu Lab), Yuebin Sun@@yuebinsun2020(Tencent Security Xuanwu Lab), Max Shavrick@@_mxms(the Google Security Team), Zubair Ashraf(Crowdstrike), CVE-2022-0778, CVE-2022-23308, Mickey Jin@@patch1t, @@gorelics, an anonymous researcher, Linus Henze(Pinauten GmbH), Peter Nguyễn Vũ Hoàng(STAR Labs), Felix Poulin-Belanger, Antonio Cheong Yu Xuan(YCISCQ), Arsenii Kostromin (0x3c3e), CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4187, CVE-2021-4192, CVE-2021-4193, CVE-2021-46059, CVE-2022-0128, Heige(KnownSec 404 Team), Bo Qu(Palo Alto Networks), Scarlet Raine, Wang Yu(Cyberserval), CVE-2022-0530, CVE-2021-45444, Liu Long(Ant Security Light), Jack Dates(RET2 Systems Inc), Antonio Zekic@@antoniozekic, Jeonghoon Shin(Theori working with Trend Micro Zero Day Initiative), Peter Nguyễn Vũ Hoàng@@peternguyen14(STAR Labs), Ned Williamson(Google Project Zero), @@gorelics(BreakPoint), (BreakPoint), Ron Masas(BreakPoint), Wojciech Reguła@@_r3ggi(SecuRing), Yonghwi Jin@@jinmo123(Theori), Lockheed Martin Red Team, Jeremy Brown(Trend Micro Zero Day Initiative), Michael DePlante@@izobashi(Trend Micro Zero Day Initiative), Qi Sun(Trend Micro), Ye Zhang@@co0py_Cat(Baidu Security), Robert Ai(Trend Micro), CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, Paul Walker(Bury), Nathaniel Ekoniak(Ennate Technologies), Gergely Kalman@@gergely_kalman(Mandiant), (Mandiant), Joshua Mason(Mandiant), Ron Waisberg(SecuRing), an anonymous researcher(SecuRing), (Perception Point), Ron Hass@@ronhass7(Perception Point), ryuzaki, Chijin Zhou(ShuiMuYuLin Ltd), Tsinghua wingtecher lab, Jeonghoon Shin(Theori), SorryMybad@@S0rryMybad(Kunlun Lab), Dongzhuo Zhao(ADLab of Venustech), ABC Research s.r.o, Jon Thompson(Evolve), IA), actae0n(Blacksun Hackers Club working with Trend Micro Zero Day Initiative), Andrew Williams(Google), Avi Drissman(Google), chenyuwang@@mzzzz__(Tencent Security Xuanwu Lab), Jordy Zomer@@pwningsystems
Affected Software
127 affected componentsFixes available
redhat/zlib<0:1.2.3-31.el6_10
0:1.2.3-31.el6_10
redhat/zlib<0:1.2.7-20.el7_9
0:1.2.7-20.el7_9
redhat/zlib<0:1.2.7-17.el7_4.1
0:1.2.7-17.el7_4.1
redhat/zlib<0:1.2.7-18.el7_6.1
0:1.2.7-18.el7_6.1
redhat/zlib<0:1.2.7-18.el7_7.1
0:1.2.7-18.el7_7.1
redhat/mingw-zlib<0:1.2.8-10.el8
0:1.2.8-10.el8
redhat/zlib<0:1.2.11-18.el8_5
0:1.2.11-18.el8_5
redhat/rsync<0:3.1.3-14.el8_6.2
0:3.1.3-14.el8_6.2
redhat/zlib<0:1.2.11-11.el8_1.1
0:1.2.11-11.el8_1.1
redhat/rsync<0:3.1.3-6.el8_1.1
0:3.1.3-6.el8_1.1
redhat/zlib<0:1.2.11-17.el8_2
0:1.2.11-17.el8_2
redhat/rsync<0:3.1.3-7.el8_2.1
0:3.1.3-7.el8_2.1
redhat/rsync<0:3.1.3-12.el8_4.1
0:3.1.3-12.el8_4.1
redhat/zlib<0:1.2.11-18.el8_4
0:1.2.11-18.el8_4
redhat/zlib<0:1.2.11-31.el9_0.1
0:1.2.11-31.el9_0.1
redhat/rsync<0:3.2.3-9.el9_0.1
0:3.2.3-9.el9_0.1
redhat/mingw-zlib<0:1.2.12-2.el9
0:1.2.12-2.el9
redhat/redhat-virtualization-host<0:4.3.23-20220622.0.el7_9
0:4.3.23-20220622.0.el7_9
debian/zlib<=1:1.2.11.dfsg-2, <=1:1.2.8.dfsg-5, <=1:1.2.11.dfsg-1
1:1.2.11.dfsg-41:1.2.11.dfsg-2+deb11u11:1.2.11.dfsg-1+deb10u1
Apple macOS Big Sur<11.6.6
11.6.6
debian/libz-mingw-w64<=1.2.11+dfsg-2
1.2.13+dfsg-11.3.1+dfsg-2
debian/zlib
1:1.2.11.dfsg-2+deb11u21:1.2.13.dfsg-11:1.3.dfsg+really1.3.1-1
Apple Catalina
Apple macOS Monterey<12.4
12.4
IBM Cognos Analytics<=12.0.0-12.0.4
IBM Cognos Analytics<=11.2.0-11.2.4 FP5
zlib zlib<1.2.12
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Apple iOS and macOS>=10.15<10.15.7
Apple iOS and macOS=10.15.7
Apple iOS and macOS=10.15.7-security_update_2020
Apple iOS and macOS=10.15.7-security_update_2020-001
Apple iOS and macOS=10.15.7-security_update_2020-005
Apple iOS and macOS=10.15.7-security_update_2020-007
Apple iOS and macOS=10.15.7-security_update_2021-001
Apple iOS and macOS=10.15.7-security_update_2021-002
Apple iOS and macOS=10.15.7-security_update_2021-003
Apple iOS and macOS=10.15.7-security_update_2021-006
Apple iOS and macOS=10.15.7-security_update_2021-007
Apple iOS and macOS=10.15.7-security_update_2021-008
Apple iOS and macOS=10.15.7-security_update_2022-001
Apple iOS and macOS=10.15.7-security_update_2022-002
Apple iOS and macOS=10.15.7-security_update_2022-003
Apple macOS>=11.0<11.6.6
Apple macOS>=12.0.0<12.4
Python Python>=3.7.0<3.7.14
Python Python>=3.8.0<3.8.14
Python Python>=3.9.0<3.9.13
Python Python>=3.10.0<3.10.5
MariaDB MariaDB>=10.3.0<10.3.36
MariaDB MariaDB>=10.4.0<10.4.26
MariaDB MariaDB>=10.5.0<10.5.17
MariaDB MariaDB>=10.6.0<10.6.9
MariaDB MariaDB>=10.7.0<10.7.5
MariaDB MariaDB>=10.8.0<10.8.4
MariaDB MariaDB>=10.9.0<10.9.2
NetApp Active Iq Unified Manager Vmware Vsphere
NetApp E-Series SANtricity OS Controller>=11.0.0<=11.70.2
NetApp Management Services For Element Software
NetApp OnCommand Workflow Automation
NetApp ONTAP Select Deploy administration utility
NetApp Hci Compute Node
NetApp H300s Firmware
NetApp H300s
NetApp H500s Firmware
NetApp H500s
NetApp H700s Firmware
NetApp H700s
NetApp H410s Firmware
NetApp H410s
NetApp H410c Firmware
NetApp H410c
Siemens Scalance Sc622-2c Firmware<3.0
Siemens Scalance Sc622-2c
Siemens Scalance Sc626-2c Firmware<3.0
Siemens Scalance Sc626-2c
Siemens Scalance Sc632-2c Firmware<3.0
Siemens Scalance Sc632-2c
Siemens Scalance Sc636-2c Firmware<3.0
Siemens Scalance Sc636-2c
Siemens Scalance Sc642-2c Firmware<3.0
Siemens Scalance Sc642-2c
Siemens Scalance Sc646-2c Firmware<3.0
Siemens Scalance Sc646-2c
Azul Zulu=6.45
Azul Zulu=7.52
Azul Zulu=8.60
Azul Zulu=11.54
Azul Zulu=13.46
Azul Zulu=15.38
Azul Zulu=17.32
Goto Gotoassist<11.9.18
Nokogiri Nokogiri Ruby<1.13.4
All of the following
NetApp H300s Firmware
NetApp H300s
All of the following
NetApp H500s Firmware
NetApp H500s
All of the following
NetApp H700s Firmware
NetApp H700s
All of the following
NetApp H410s Firmware
NetApp H410s
All of the following
NetApp H410c Firmware
NetApp H410c
All of the following
Siemens Scalance Sc622-2c Firmware<3.0
Siemens Scalance Sc622-2c
All of the following
Siemens Scalance Sc626-2c Firmware<3.0
Siemens Scalance Sc626-2c
All of the following
Siemens Scalance Sc632-2c Firmware<3.0
Siemens Scalance Sc632-2c
All of the following
Siemens Scalance Sc636-2c Firmware<3.0
Siemens Scalance Sc636-2c
All of the following
Siemens Scalance Sc642-2c Firmware<3.0
Siemens Scalance Sc642-2c
All of the following
Siemens Scalance Sc646-2c Firmware<3.0
Siemens Scalance Sc646-2c
redhat/zlib<1.2.12
1.2.12
All of the following
Any of the following
Python Python>=3.7.0<3.7.14
Python Python>=3.8.0<3.8.14
Python Python>=3.9.0<3.9.13
Python Python>=3.10.0<3.10.5
Microsoft Windows
zlib zlib>=1.2.2.2<1.2.12
Remediation
Patch Available
Patch Available
Patch Available
Patch Available
Event History
Apr 20, 2018
CVE Published
12:00 AM
Mar 24, 2022
Data Sourced
via Red Hat·05:24 AM
DescriptionSeverityAffected Software
Mar 25, 2022
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Data Sourced
via NVD·09:15 AM
RemedyDescriptionSeverityWeaknessAffected Software
May 16, 2022
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
Description
Updated
via Apple·12:00 AM
DescriptionWeakness
Apr 16, 2024
Data Sourced
via Launchpad·02:05 PM
Description
Sep 15, 2024
Data Sourced
via Ubuntu·02:28 PM
RemedyDescriptionSeverityAffected Software
Parent advisories
This vulnerability appears in the following advisories.
- RHSA-2022:2214
- RHSA-2022:2213
- RHSA-2023:0976
- RHSA-2023:0975
- RHSA-2023:0943
- RHSA-2022:7813
- RHSA-2022:1642
- RHSA-2022:2201
- RHSA-2022:1591
- RHSA-2022:2197
- RHSA-2022:1661
- RHSA-2022:2192
- RHSA-2022:2198
- RHSA-2022:4845
- RHSA-2022:4584
- RHSA-2022:4592
- RHSA-2022:8420
- RHSA-2022:7144
- RHSA-2022:5439
- RHSA-2022:4896
- HT213256
- APPLE-HT213256
- HT213255
- HT213257
- IBM-7183676
- APPLE-HT213257
- APPLE-102871
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2021-44224
- CVE-2021-44790
- CVE-2022-22719
- CVE-2022-22720
- CVE-2022-22721
- CVE-2022-22665
- CVE-2022-22675
- CVE-2022-22630
- CVE-2022-26751
- CVE-2022-26698
- CVE-2022-26697
- CVE-2022-22663
- CVE-2022-26721
- CVE-2022-26722
- CVE-2022-26763
- CVE-2022-22674
- CVE-2022-26720
- CVE-2022-26770
- CVE-2022-26756
- CVE-2022-26769
- CVE-2022-26748
- CVE-2022-26768
- CVE-2022-26714
- CVE-2022-26757
- CVE-2021-30946
- CVE-2022-26767
- CVE-2022-26706
- CVE-2022-32882
- CVE-2022-32790
- CVE-2022-26776
- CVE-2022-0778
- CVE-2022-23308
- CVE-2022-32794
- CVE-2022-26712
- CVE-2022-26746
- CVE-2022-26731
- CVE-2022-26766
- CVE-2022-26718
- CVE-2022-26723
- CVE-2022-26715
- CVE-2022-26728
- CVE-2022-26726
- CVE-2022-26755
- CVE-2021-4136
- CVE-2021-4166
- CVE-2021-4173
- CVE-2021-4187
- CVE-2021-4192
- CVE-2021-4193
- CVE-2021-46059
- CVE-2022-0128
- CVE-2022-22589
- CVE-2022-26745
- CVE-2022-26761
- CVE-2022-0530
- CVE-2018-25032
- CVE-2021-45444
- CVE-2022-26775
- CVE-2022-26727
- CVE-2022-26772
- CVE-2022-26741
- CVE-2022-26742
- CVE-2022-26749
- CVE-2022-26750
- CVE-2022-26752
- CVE-2022-26753
- CVE-2022-26754
- CVE-2022-26707
- CVE-2022-26736
- CVE-2022-26737
- CVE-2022-26738
- CVE-2022-26739
- CVE-2022-26740
- CVE-2022-32783
- CVE-2022-26694
- CVE-2022-32781
- CVE-2022-26711
- CVE-2022-26725
- CVE-2022-26701
- CVE-2022-26758
- CVE-2022-26743
- CVE-2022-26764
- CVE-2022-26765
- CVE-2022-26708
- CVE-2022-48575
- CVE-2022-22617
- CVE-2022-32782
- CVE-2022-26693
- CVE-2022-26704
- CVE-2022-42857
- CVE-2022-26696
- CVE-2022-26700
- CVE-2022-26709
- CVE-2022-26710
- CVE-2022-26717
- CVE-2022-26716
- CVE-2022-26719
- CVE-2022-22677
- CVE-2022-26762
Frequently Asked Questions
1
What is the severity of CVE-2018-25032?
CVE-2018-25032 is rated as a high severity vulnerability due to its potential for memory corruption.
2
How do I fix CVE-2018-25032?
To address CVE-2018-25032, update zlib to versions 1.2.3-31.el6_10, 1.2.7-20.el7_9, or higher as per your system requirements.
3
What types of systems are affected by CVE-2018-25032?
CVE-2018-25032 impacts systems running vulnerable versions of zlib across Red Hat and Debian distributions.
4
What are the main issues caused by CVE-2018-25032?
CVE-2018-25032 leads to buffer overflow and memory corruption issues that can be exploited when compressing data.
5
Is CVE-2018-25032 part of a larger set of vulnerabilities?
Yes, CVE-2018-25032 is part of a broader set of vulnerabilities affecting memory handling in zlib.