|Category:||Huawei EulerOS Local Security Checks|
|Title:||Huawei EulerOS: Security Advisory for lz4 (EulerOS-SA-2020-2191)|
|Summary:||The remote host is missing an update for the Huawei EulerOS; 'lz4' package(s) announced via the EulerOS-SA-2020-2191 advisory.|
The remote host is missing an update for the Huawei EulerOS
'lz4' package(s) announced via the EulerOS-SA-2020-2191 advisory.
LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states 'only a few specific / uncommon usages of the API are at risk.'(CVE-2019-17543)
'lz4' package(s) on Huawei EulerOS Virtualization 22.214.171.124.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2019-17543|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.