Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Out-of-control CPU usage in zlib compression
OESA-2026-1583
Summary
A security update is available for zlib, a library used for data compression. If not updated, attackers could cause a denial of service by consuming excessive CPU resources. Update to the latest version of zlib to prevent this issue.
What to do
- Update zlib to version 1.2.13-5.oe2403.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | zlib | <= 1.2.13-5.oe2403 | 1.2.13-5.oe2403 |
Original title
zlib security update
Original description
Security Fix(es):
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.(CVE-2026-27171)
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.(CVE-2026-27171)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-27171 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026