Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Old version of zlib uses CPU in an infinite loop
OESA-2026-1585
Summary
An outdated version of zlib is allowing attackers to use up computer resources. This can slow down your system or make it unresponsive. Update your zlib to version 1.3.2 or later to fix this issue.
What to do
- Update zlib to version 1.2.13-5.oe2403sp2.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | zlib | <= 1.2.13-5.oe2403sp2 | 1.2.13-5.oe2403sp2 |
Original title
zlib security update
Original description
Security Fix(es):
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.(CVE-2026-27171)
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.(CVE-2026-27171)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-27171 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026