Get a Quote (408) 943-4100

Commercial Support

TrueNAS.com Software Systems Company Community Security iX Portal Download

Docs Navigation

TrueNAS CORE TrueNAS Enterprise TrueNAS SCALE TrueCommand Help Me Choose FreeNAS

Systems Overview M-Series X-Series R-Series Mini Series

Blog In the News TrueNAS Store iXsystems Careers

TrueNAS GitHub Community Forum Discord TrueNAS Merch Store

Application Asigra TrueNAS Solution Backup Big Data Cloud Multimedia Virtualization

Industry Education Finance Government Healthcare High-Tech Media & Entertainment

Support Documentation TrueNAS Security Blog Case Studies White Papers Solution Briefs iX Portal Plugins & Apps ZFS

Download TrueNAS CORE

Download TrueNAS SCALE

Get TrueNAS Enterprise

contrib lib9p

TrueNAS 13.0

FreeBSD-SA-22:13.zlib : zlib heap buffer overflow

2022-08-30

Versions Affected : All versions prior to TrueNAS 13.0-U2

Description

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.

Applications that call inflateGetHeader may be vulnerable to a buffer overflow. Note that inflateGetHeader is not used by anything in the FreeBSD base system, but may be used by third party software.

Workaround

No workaround is available, but applications that do not call inflateGetHeader are not vulnerable.

FreeBSD-SA-22:13.zlib : zlib heap buffer overflow

Description

Workaround

Mitigation

Commit

Further information