Full Report
Out-of-bounds Write vulnerability (CVE-2026-42250) has been found in bzip2 software.
Analysis Summary
# Vulnerability: Out-of-Bounds Write in bzip2recover
## CVE Details
- **CVE ID**: CVE-2026-42250
- **CVSS Score**: Not explicitly provided in the source (typically associated with High severity for memory corruption)
- **CWE**: CWE-787 (Out-of-bounds Write)
## Affected Systems
- **Products**: bzip2
- **Versions**: All versions prior to 1.0.9
- **Configurations**: Specifically affects the `bzip2recover` utility during the processing of compressed files.
## Vulnerability Description
The vulnerability stems from an off-by-one error within the `bzip2recover` utility. When the utility attempts to process a specially crafted, malicious file, it performs an out-of-bounds write to a global buffer. This leads to memory corruption, which typically results in an application crash or potentially more severe memory-related exploits.
## Exploitation
- **Status**: Reported via Coordinated Vulnerability Disclosure; no mention of active exploitation in the wild.
- **Complexity**: Low to Medium (requires a specially crafted file).
- **Attack Vector**: Local (User must execute the recovery utility on a malicious file).
## Impact
- **Confidentiality**: None reported.
- **Integrity**: Medium (Memory corruption).
- **Availability**: High (Application crash/Denial of Service).
## Remediation
### Patches
- **bzip2 version 1.0.9**: This version includes the fix for the off-by-one error. Users are urged to upgrade to this version or newer.
### Workarounds
- Users should avoid running `bzip2recover` on untrusted or suspicious `.bz2` files until the software has been updated to version 1.0.9.
## Detection
- **Indicators of compromise**: Segfaults or unexpected crashes when running `bzip2recover`.
- **Detection methods and tools**: Software composition analysis (SCA) tools should be used to identify legacy versions of bzip2 (pre-1.0.9) in the environment.
## References
- CERT Polska Advisory: hxxps[://]cert[.]pl/en/posts/2026/05/vulnerability-in-bzip2/
- CVE Record: hxxps[://]www[.]cve[.]org/CVERecord?id=CVE-2026-42250
- CWE-787 Definition: hxxps[://]cwe[.]mitre[.]org/data/definitions/787[.]html