CVE-2022-37434
MySQL vulnerability analysis and mitigation

Overview

zlib through version 1.2.12 contains a heap-based buffer over-read or buffer overflow vulnerability in the inflate function in inflate.c, which can be triggered via a large gzip header extra field. The vulnerability only affects applications that call inflateGetHeader. The issue was discovered by Evgeny Legerov and assigned CVE-2022-37434 (CVE, NVD).

Technical details

The vulnerability occurs when a gzip header with a large extra field is processed across multiple calls to inflate(). If the extra field is larger than the buffer the caller supplied through inflateGetHeader(), and the extra field data arrives over several inflate() calls, the copy into that buffer could exceed its size. The initial fix ensured the supplied buffer could not be exceeded, but it crashed applications such as curl that never call inflateGetHeader(); a second fix was therefore applied so that state->head is not dereferenced until after it has been checked for NULL (Zlib Commit, OSS Security).
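To make the failure mode concrete, the following added example (written for this page, not zlib's own code) models the bookkeeping described above: a caller-supplied extra buffer of size extra_max, an extra field of extra_len bytes, and chunks of that field arriving across several inflate() calls. The structures, field and function names are simplified assumptions that only mirror the public API vocabulary. flawed_copy_len() shows the arithmetic the page describes going wrong: once the consumed offset passes extra_max, the unsigned subtraction extra_max - len wraps to a huge copy count. safe_store_extra() applies both fixes the page mentions: it checks head for NULL before touching it, and it skips the copy entirely once the offset is no longer inside the caller's buffer.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the header fields involved (assumption: not zlib's real
 * gz_header or inflate_state; names mirror the public API for readability). */
typedef struct {
    unsigned char *extra;   /* caller-provided buffer, or NULL */
    unsigned extra_len;     /* total extra field length declared by the gzip header */
    unsigned extra_max;     /* size of the buffer the caller provided */
} gz_header_model;

typedef struct {
    gz_header_model *head;  /* NULL if inflateGetHeader() was never called */
    unsigned length;        /* bytes of the extra field still to be consumed */
} inflate_state_model;

/* Model of the pre-fix length arithmetic. Once more of the extra field has been
 * consumed than fits (len > extra_max), extra_max - len wraps around. This
 * function only returns the count the old logic would hand to memcpy; it
 * deliberately writes nothing. */
unsigned flawed_copy_len(const inflate_state_model *s, unsigned copy) {
    if (s->head == NULL || s->head->extra == NULL) return 0;
    unsigned len = s->head->extra_len - s->length;   /* offset into extra */
    return len + copy > s->head->extra_max ? s->head->extra_max - len : copy;
}

/* Hardened chunk handler: head is checked for NULL before it is dereferenced,
 * and the copy happens only while the offset is still inside the buffer.
 * Returns the number of bytes stored for this chunk. */
unsigned safe_store_extra(inflate_state_model *s, const unsigned char *next,
                          unsigned copy) {
    unsigned len, stored = 0;
    if (s->head != NULL && s->head->extra != NULL &&
        (len = s->head->extra_len - s->length) < s->head->extra_max) {
        stored = len + copy > s->head->extra_max ? s->head->extra_max - len : copy;
        memcpy(s->head->extra + len, next, stored);
    }
    s->length -= copy;   /* the stream bytes are consumed regardless */
    return stored;
}

/* Deliver a whole extra field in fixed-size chunks, the way several inflate()
 * calls would. Returns the total number of bytes stored in the caller buffer. */
unsigned feed_extra(inflate_state_model *s, const unsigned char *data,
                    unsigned total, unsigned chunk) {
    unsigned stored = 0;
    for (unsigned off = 0; off < total; off += chunk) {
        unsigned copy = total - off < chunk ? total - off : chunk;
        stored += safe_store_extra(s, data + off, copy);
    }
    return stored;
}

/* Constructed scenario: 40-byte extra field, 16-byte caller buffer, 16-byte
 * chunks. Returns bytes stored if the buffer holds the first 16 bytes and the
 * whole field was consumed, otherwise 0xFFFFFFFF. */
unsigned demo_hardened(void) {
    unsigned char buf[16] = {0}, data[40];
    for (unsigned i = 0; i < 40; i++) data[i] = (unsigned char)('A' + i % 26);
    gz_header_model h = { buf, 40, 16 };
    inflate_state_model s = { &h, 40 };
    unsigned stored = feed_extra(&s, data, 40, 16);
    return (memcmp(buf, data, 16) == 0 && s.length == 0) ? stored : 0xFFFFFFFFu;
}

/* The third chunk of the same scenario as the flawed arithmetic sees it:
 * 32 bytes already consumed (len = 32 > extra_max = 16), 8 bytes arriving. */
unsigned demo_flawed_third_chunk(void) {
    unsigned char buf[16];
    gz_header_model h = { buf, 40, 16 };
    inflate_state_model s = { &h, 8 };   /* 8 of the 40 bytes remain */
    return flawed_copy_len(&s, 8);
}

/* Caller never called inflateGetHeader(): head is NULL. Nothing is stored and
 * nothing is dereferenced, but the stream is still consumed. Returns 1 on success. */
unsigned demo_no_header(void) {
    unsigned char data[40] = {0};
    inflate_state_model s = { NULL, 40 };
    unsigned stored = feed_extra(&s, data, 40, 16);
    return (stored == 0 && s.length == 0) ? 1 : 0;
}

int main(void) {
    printf("hardened path stored %u bytes\n", demo_hardened());
    printf("flawed arithmetic would copy %u bytes on the third chunk\n",
           demo_flawed_third_chunk());
    printf("no-header case ok: %u\n", demo_no_header());
    return 0;
}
```

The hardened path stores exactly the 16 bytes that fit and silently drops the rest, which is the documented contract of a bounded extra buffer; the flawed arithmetic reports a copy count of about four billion bytes for the third chunk, which is the over-write the advisory describes. Applications that never call inflateGetHeader() leave head NULL, so the NULL check is what keeps them from crashing on the same input.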

Impact

Successful exploitation of this vulnerability could lead to denial of service, disclosure of sensitive information, or potentially arbitrary code execution when processing specially crafted input (Ubuntu, NetApp).

Mitigation and workarounds

The vulnerability was fixed in zlib with two commits: the initial fix (eff308a) and a follow-up fix (1eb7682) to address crashes. Major operating systems have released patches including Debian (version 1:1.2.11.dfsg-2+deb11u2), Ubuntu, Red Hat, and Fedora. Users should update to patched versions of zlib or affected applications (Debian, Ubuntu).

Community reactions

The vulnerability received significant attention from major vendors who quickly issued patches. Apple included fixes in multiple OS updates including iOS 15.7.1, iOS 16.1, macOS Ventura, and others. NetApp issued advisories and patches for affected products. The curl project identified and reported crashes with the initial fix, leading to the follow-up patch (Apple, NetApp).
