Name: zlib
CVEs: CVE-2026-27171
CVSSs: 2.9
Action Needed: update to >= 1.3.2
Summary: zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.
See also https://bugzilla.redhat.com/show_bug.cgi?id=2440530, madler/zlib#904.
refmap.gentoo: https://bugs.gentoo.org/970211
Name: zlib
CVEs: CVE-2026-27171
CVSSs: 2.9
Action Needed: update to >= 1.3.2
Summary: zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.
See also https://bugzilla.redhat.com/show_bug.cgi?id=2440530, madler/zlib#904.
refmap.gentoo: https://bugs.gentoo.org/970211