Description:
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and
crc32_combine_gen64 because x2nmodp can do right shifts within a loop
that has no termination condition. (CVE-2026-27171)
- https://bugs.mageia.org/show_bug.cgi?id=35291
- https://bugzilla.redhat.com/show_bug.cgi?id=2440530
- https://ubuntu.com/security/CVE-2026-27171
- https://security-tracker.debian.org/tracker/CVE-2026-27171
- https://www.cve.org/CVERecord?id=CVE-2026-27171
- 9/core/zlib-1.2.13-1.4.mga9
Get the latest Linux and open source security news straight to your inbox.