ckolivas lrzip
cpe:2.3:a:lrzip_project:lrzip:*:*:*:*:*:*:*
- <= 0.651
A use-after-free vulnerability has been identified in ckolivas lrzip versions through 0.651. This issue occurs in the lzma_decompress_buf function within stream.c, where ucthreads can be freed in clear_rulist and concurrently accessed in lzma_decompress_buf. The vulnerability requires local exploitation and has been publicly disclosed along with a proof-of-concept exploit.
Exploitation of this vulnerability leads to a heap-based use-after-free condition, allowing for potential arbitrary code execution.
The vulnerability can be reproduced by inserting delays in the lrzip source code to create a race condition. After compiling lrzip with AddressSanitizer enabled, the modified binary can be run with a crafted input that triggers the use-after-free condition, resulting in an AddressSanitizer error report.
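A simplified model of the lifetime rule this bug violates, added here as an illustration and not taken from lrzip or from any fix for it: the cleanup path drops a reference instead of calling free(), so memory a worker is still using stays valid until the worker finishes. `shared_buf` and its functions are hypothetical names; the cleanup and worker roles correspond to clear_rulist and lzma_decompress_buf in the description above, and cleanup is assumed to run exactly once.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdlib.h>

/* Hypothetical stand-in for a shared worker table such as ucthreads.
 * The struct itself is long-lived; only buf is heap memory that gets freed. */
struct shared_buf {
    atomic_int refs;      /* 1 owner reference + 1 per active worker */
    unsigned char *buf;
};

static bool shared_init(struct shared_buf *s, size_t len)
{
    s->buf = calloc(1, len);
    atomic_init(&s->refs, s->buf ? 1 : 0);
    return s->buf != NULL;
}

/* Worker side: take a reference only while the count is still non-zero,
 * so a worker can never revive a buffer that was already released. */
static bool shared_acquire(struct shared_buf *s)
{
    int n = atomic_load(&s->refs);
    while (n > 0)
        if (atomic_compare_exchange_weak(&s->refs, &n, n + 1))
            return true;
    return false;
}

/* Drop one reference; whoever drops the last one frees the memory. */
static void shared_release(struct shared_buf *s)
{
    if (atomic_fetch_sub(&s->refs, 1) == 1) {
        free(s->buf);
        s->buf = NULL;
    }
}

/* Cleanup side: gives up the owner reference instead of calling free(). */
static void shared_cleanup(struct shared_buf *s) { shared_release(s); }

int main(void)
{
    struct shared_buf s;
    if (!shared_init(&s, 64) || !shared_acquire(&s)) return 1;
    shared_cleanup(&s);        /* cleanup runs while a worker is active */
    s.buf[0] = 0x5d;           /* still valid: the worker holds a reference */
    shared_release(&s);        /* last reference dropped, memory freed here */
    return shared_acquire(&s) ? 1 : 0;   /* late acquire must be refused */
}
```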