CVE-2026-2219 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompres…
High CVSS: 7.5

CVE-2026-2219

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).
Vendor
-
Product
-
CWE
CWE-835
Yayın Tarihi
2026-03-07 09:16:07
Güncelleme
2026-03-09 15:15:57
Source Identifier
security@debian.org
KEV Date Added
-

Kategoriler

CWE-835 HIGH 2026

Referanslar

https://bugs.debian.org/1129722 https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=6610297a62c0780dd0e80b0e302ef64fdcc9d313