CNNVD-202602-1635 Information
Feb 10, 2026
cve
CNNVD ID
CNNVD-202602-1635
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
lrzip是Con Kolivas个人开发者的一个压缩实用程序。 lrzip 0.651及之前版本存在资源管理错误漏洞,该漏洞源于函数lzma_decompress_buf存在释放后重用。
Description (English)
lrzip is a compressed practical program for Con Kolivas personal developers. lrzip 0.651 and previous versions have a resource management error loophole, which results from the release reuse of the function lzma decompress buf.
Hazard Level
High
Vulnerability Type
资源管理错误
Affected Vendor
个人开发者
Published
2026-02-10
Last Modified
2026-02-24
References
https://github.com/user-attachments/files/21709004/PoC_UAF.zip https://github.com/ckolivas/lrzip/ https://vuldb.com/?id.344926 https://github.com/ckolivas/lrzip/issues/262 https://vuldb.com/?ctiid.344926 https://vuldb.com/?submit.752595 https://access.redhat.com/security/cve/cve-2025-15570
Share on: