CVE-2018-16985

Publication date

2018-09-13 14:00:00

Family

mitre

State

PUBLISHED

Description

In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.