CNNVD-202508-2882 Information

CNNVD ID

CNNVD-202508-2882

Related CVE

CVE-2025-9396

• CNNVD Published: 2025-08-24

Description (Chinese)

lrzip是Con Kolivas个人开发者的一个压缩实用程序。 lrzip 0.651及之前版本存在安全漏洞，该漏洞源于strtol_l.c文件中的__GI_____strtol_l_internal函数存在空指针取消引用。

Description (English)

lrzip is a compressed practical program for Con Kolivas personal developers. lrzip 0.651 and previous versions contain a security loophole that originates from the GI strtrol l international function in the sttool l.c with an empty pointer unquote.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-24

Last Modified

2026-02-24

References

https://vuldb.com/?submit.632368 https://vuldb.com/?id.321232 https://vuldb.com/?ctiid.321232 https://github.com/ckolivas/lrzip/issues/264 https://drive.google.com/file/d/1EFbiiM1d7Ozb0ucZt6zRO3ngU8ugUnCn/view?usp=sharing https://nvd.nist.gov/vuln/detail/CVE-2025-9396