
Zlib denial of service vulnerability [CVE-2018-25032]

CVE number = CVE-2018-25032

Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation.

By using many distant matches, a remote attacker could exploit this vulnerability to cause the application to crash.

This bug was introduced in zlib v1.2.2.2, with the addition of the Z_FIXED option, and affects versions through zlib v1.2.11. Z_FIXED forces the use of fixed Huffman codes rather than dynamic Huffman codes, allowing for a simpler decoder for special applications.
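To check whether a given zlib build falls inside the affected range given above, the following added example (not part of the original advisory or of zlib itself) parses a zlib version string and compares it against v1.2.2.2 through v1.2.11. The function names are illustrative, and counting development builds numbered 1.2.11.x as in range is an assumption made here to stay conservative.

```python
import re
import zlib

# Affected range as stated on this page: v1.2.2.2 through v1.2.11.
FIRST_AFFECTED = (1, 2, 2, 2)
LAST_AFFECTED = (1, 2, 11)


def parse_zlib_version(text):
    """Return the leading numeric components of a zlib version string,
    padded to four fields, e.g. '1.2.11' -> (1, 2, 11, 0)."""
    match = re.match(r"\d+(?:\.\d+){0,3}", text.strip())
    if not match:
        raise ValueError(f"unrecognised zlib version: {text!r}")
    parts = [int(p) for p in match.group(0).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def in_affected_range(text):
    """True if the version falls inside the range given in the advisory."""
    version = parse_zlib_version(text)
    # Assumption: builds numbered 1.2.11.x are counted as in range.
    return FIRST_AFFECTED <= version and version[:3] <= LAST_AFFECTED


def report():
    """Check the zlib that Python was compiled against and the one
    actually loaded at runtime (they can differ on a patched host)."""
    found = {
        "compiled": zlib.ZLIB_VERSION,
        "runtime": zlib.ZLIB_RUNTIME_VERSION,
    }
    return {name: (ver, in_affected_range(ver)) for name, ver in found.items()}


if __name__ == "__main__":
    for name, (ver, affected) in report().items():
        status = "IN AFFECTED RANGE" if affected else "outside affected range"
        print(f"zlib {name}: {ver} -> {status}")
```

A version string does not show whether a distributor has backported a fix without changing the version number, so an in-range result should be confirmed against the vendor's own advisory for that package.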

Duncan

Duncan is a technology professional with over 20 years' experience of working in various IT roles. He has an interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.
