{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-27171", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-02-18T02:36:19.339Z", "datePublished": "2026-02-18T02:36:19.509Z", "dateUpdated": "2026-02-18T13:38:55.713Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "zlib", "vendor": "zlib", "versions": [{"lessThan": "1.3.2", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1284", "description": "CWE-1284 Improper Validation of Specified Quantity in Input", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-02-18T02:44:09.091Z"}, "references": [{"url": "https://github.com/madler/zlib/issues/904"}, {"url": "https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf"}, {"url": "https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/"}, {"url": "https://ostif.org/zlib-audit-complete/"}, {"url": "https://github.com/madler/zlib/releases/tag/v1.3.2"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.3.2"}]}]}]}, "adp": [{"references": [{"url": "https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-18T13:35:50.671404Z", "id": "CVE-2026-27171", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T13:38:55.713Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27171", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-18T13:35:50.671404Z"}}}], "references": [{"url": "https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T13:36:01.452Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.9, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "zlib", "product": "zlib", "versions": [{"status": "affected", "version": "0", "lessThan": "1.3.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/madler/zlib/issues/904"}, {"url": "https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf"}, {"url": "https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/"}, {"url": "https://ostif.org/zlib-audit-complete/"}, {"url": "https://github.com/madler/zlib/releases/tag/v1.3.2"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "descriptions": [{"lang": "en", "value": "zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1284", "description": "CWE-1284 Improper Validation of Specified Quantity in Input"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "1.3.2"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-02-18T02:44:09.091Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27171", "state": "PUBLISHED", "dateUpdated": "2026-02-18T13:38:55.713Z", "dateReserved": "2026-02-18T02:36:19.339Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-02-18T02:36:19.509Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*", "matchCriteriaId": "94CCDD7A-18CD-4961-848E-A827A3E2F3BC", "versionEndExcluding": "1.3.2", "versionStartIncluding": "1.2.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition."}, {"lang": "es", "value": "zlib anterior a 1.3.2 permite el consumo de CPU a trav\u00e9s de crc32_combine64 y crc32_combine_gen64 porque x2nmodp puede realizar desplazamientos a la derecha dentro de un bucle que no tiene condici\u00f3n de terminaci\u00f3n."}], "id": "CVE-2026-27171", "lastModified": "2026-03-25T21:27:04.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-18T04:16:01.263", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/"}, {"source": "cve@mitre.org", "tags": ["Technical Description"], "url": "https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/madler/zlib/issues/904"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/madler/zlib/releases/tag/v1.3.2"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://ostif.org/zlib-audit-complete/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Technical Description"], "url": "https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{"bugzilla": {"description": "zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions", "id": "2440530", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440530"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.9", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-835", "details": ["A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system."], "name": "CVE-2026-27171", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/elasticsearch6-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/elasticsearch-operator-bundle", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/elasticsearch-proxy-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/elasticsearch-rhel9-operator", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/logging-curator5-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openjdk_els:11", "fix_state": "Out of support scope", "package_name": "java-11-openjdk", "product_name": "Red Hat build of OpenJDK 11 ELS"}, {"cpe": "cpe:/a:redhat:openjdk_els:11", "fix_state": "Out of support scope", "package_name": "java-11-openjdk-portable", "product_name": "Red Hat build of OpenJDK 11 ELS"}, {"cpe": "cpe:/a:redhat:openjdk:17", "fix_state": "Fix deferred", "package_name": "java-17-openjdk-portable", "product_name": "Red Hat build of OpenJDK 17"}, {"cpe": "cpe:/a:redhat:openjdk:1.8", "fix_state": "Fix deferred", "package_name": "java-1.8.0-openjdk-portable", "product_name": "Red Hat build of OpenJDK 1.8"}, {"cpe": "cpe:/a:redhat:openjdk:21", "fix_state": "Fix deferred", "package_name": "java-21-openjdk-portable", "product_name": "Red Hat build of OpenJDK 21"}, {"cpe": "cpe:/a:redhat:openjdk:25", "fix_state": "Fix deferred", "package_name": "java-25-openjdk-portable", "product_name": "Red Hat build of OpenJDK 25"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "java-21-openjdk", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "java-25-openjdk", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "mingw-zlib", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "rsync", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "java-17-openjdk", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "java-1.8.0-openjdk", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "java-21-openjdk", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "mingw-zlib", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "mysql:8.4/mysql", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nodejs:24/nodejs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "rsync", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "java-17-openjdk", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "java-1.8.0-openjdk", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "java-21-openjdk", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "java-25-openjdk", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "mingw-zlib", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "mysql:8.4/mysql", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "nodejs:24/nodejs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "rsync", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_core_services:1", "fix_state": "Fix deferred", "package_name": "zlib", "product_name": "Red Hat JBoss Core Services"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-02-18T02:36:19Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-27171\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-27171\nhttps://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/\nhttps://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf\nhttps://github.com/madler/zlib/issues/904\nhttps://github.com/madler/zlib/releases/tag/v1.3.2\nhttps://ostif.org/zlib-audit-complete/"], "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.3.2)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "zlib", "source": "cna", "vendor": "zlib"}, "product": "zlib", "vendor": "zlib"}], "analysis": {"en": {"generated_at": "2026-04-17T18:48:26.412305+00:00", "value": {"mitigation_remediation": ["Upgrade the zlib library to version 1.3.2 or later, which removes the infinite loop in the CRC32 combine functions.", "Recompile or relink all applications that depend on zlib to use the patched library.", "If an immediate upgrade is not possible, contain the affected processes in a resource\u2011limited container or use CPU throttling to prevent a single process from exhausting system resources.", "Monitor CPU usage for processes that invoke zlib functions, and consider adding watchdog mechanisms to restart hung processes."], "summary": {"action": "Patch Now", "impact": "Denial of Service via CPU exhaustion"}, "threat_synthesis": {"affected_systems": "The affected product is the zlib compression library, supplied by the zlib project. All releases prior to zlib 1.3.2 are vulnerable. Systems that statically or dynamically link against these older zlib versions are impacted.", "description_and_impact": "zlib before version 1.3.2 contains an infinite loop in the crc32_combine64 and crc32_combine_gen64 functions due to the x2nmodp routine performing right shifts inside a loop that never terminates. This flaw consumes excessive CPU time and can cause the process that invokes these functions to hang, resulting in a denial of service. The vulnerability is a local request for service interruption rather than remote code execution.", "risk_and_exploitability": "The CVSS score is 2.9, reflecting low severity. The EPSS score is below 1\u202f%, indicating a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Direct exploitation requires an attacker to supply specially crafted data that triggers the infinite loop, suggesting the attack vector is likely local or via a trusted application that processes untrusted input. The low severity and exploitation probability mean the risk is modest, but in environments relying on high availability, the DoS possibility is still operationally significant."}}}}, "created": "2026-02-18T10:33:00.374542+00:00", "updated": "2026-04-17T19:00:11.018844+00:00", "vendors": ["zlib", "zlib$PRODUCT$zlib"]}