CVE-2026-32829: Lz4 Improper Offset Clamping
greprules fetch cve-2026-32829-lz4-improper-offset-clamping --engine opengrep

Description
A decompression match offset is improperly clamped using `min()` or `saturating_sub()` instead of properly returning an out-of-bounds error. If an invalid offset is clamped (e.g., to 0 or output length), it can cause the decompressor to copy uninitialized memory to the output, leading to information disclosure. Use explicit bounds checks or `overflowing_sub(
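The following is an added illustration of the pattern the rule describes, written for this page; it is not the greprules rule body and not the lz4 crate's code. It models an LZ4-style match copy (copy `length` bytes starting `offset` bytes back in the already-decoded output) in a safe `Vec<u8>`, so the clamped version cannot read uninitialized memory as the real defect would; instead it shows the symptom a reviewer should recognise: an out-of-range offset is silently folded to position 0 and the decoder emits bytes the stream never referenced, where the checked version fails fast. The function names `copy_match_clamped`, `copy_match_checked` and the `DecodeError` type are assumptions made for the example.

```rust
// Added example for the clamped-offset pattern; hypothetical names, not the lz4 crate's API.

#[derive(Debug, PartialEq)]
pub enum DecodeError {
    /// The match offset is zero or points before the start of the decoded output.
    InvalidOffset { offset: usize, decoded: usize },
}

/// Vulnerable pattern: the offset is clamped with `min()` instead of being validated.
/// An offset larger than the decoded output becomes `out.len()`, so the copy starts
/// at position 0 and reproduces bytes the compressed stream never pointed at.
/// In a decoder that copies through a raw pointer into spare (uninitialized) capacity,
/// the same clamp is what turns a malformed stream into an information leak.
pub fn copy_match_clamped(out: &mut Vec<u8>, offset: usize, length: usize) {
    let start = out.len() - offset.min(out.len());
    for i in 0..length {
        // Byte-by-byte so that overlapping matches (offset < length) repeat correctly.
        let b = out[start + i];
        out.push(b);
    }
}

/// Hardened pattern: reject any offset that is zero or reaches before the decoded
/// output, and leave the output untouched when rejecting.
pub fn copy_match_checked(
    out: &mut Vec<u8>,
    offset: usize,
    length: usize,
) -> Result<(), DecodeError> {
    let start = match out.len().checked_sub(offset) {
        Some(s) if offset != 0 => s,
        _ => {
            return Err(DecodeError::InvalidOffset {
                offset,
                decoded: out.len(),
            })
        }
    };
    for i in 0..length {
        let b = out[start + i];
        out.push(b);
    }
    Ok(())
}

fn main() {
    // Constructed inputs: three decoded bytes, then a match with an impossible offset of 10.
    let mut clamped = b"abc".to_vec();
    copy_match_clamped(&mut clamped, 10, 2);
    println!("clamped decoder emitted {:?} without error", clamped);

    let mut checked = b"abc".to_vec();
    match copy_match_checked(&mut checked, 10, 2) {
        Ok(()) => println!("unexpected success"),
        Err(e) => println!("checked decoder rejected the match: {:?}", e),
    }
}
```

The detection point for a rule like this one is the `min()`/`saturating_sub()` applied to a match offset; the corrected code paths the `None` case of `checked_sub` (or an explicit `offset > out.len()` comparison) to an error return rather than a clamped value.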
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided