Medium severity6.5NVD Advisory· Published Apr 6, 2023· Updated Jun 17, 2026
CVE-2023-29416
CVE-2023-29416
Description
An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- bzip3/bzip3description
- Range: <1.3.0
Patches
Vulnerability mechanics
References
6- github.com/kspalaiologos/bzip3/commit/bfa5bf82b53715dfedf048e5859a46cf248668ffnvdPatch
- github.com/kspalaiologos/bzip3/issues/92nvdExploitIssue TrackingPatch
- github.com/kspalaiologos/bzip3/compare/1.2.3...1.3.0nvdRelease Notes
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JLSE25SV7K2NB6FTFT4UHJOJUHBHYHY/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA7S7HDUAINOTCSWQZ5LIW756DYY22V2/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMLFV2FJK3CM7NJLVPZI5RUAFQZICPWW/nvd
News mentions
0No linked articles in our index yet.