CVE-2026-6100:

Fix a dangling input pointer in :class:`lzma.LZMADecompressor`,
:class:`bz2.BZ2Decompressor`, and internal :class:`!zlib._ZlibDecompressor`
when memory allocation fails with :exc:`MemoryError`, which could let a
subsequent :meth:`!decompress` call read or write through a stale pointer to
the already-released caller buffer.

https://github.com/python/cpython/pull/148479

Index: Modules/_lzmamodule.c
--- Modules/_lzmamodule.c.orig
+++ Modules/_lzmamodule.c
@@ -1112,6 +1112,7 @@ decompress(Decompressor *d, uint8_t *data, size_t len,
     return result;
 
 error:
+    lzs->next_in = NULL;
     Py_XDECREF(result);
     return NULL;
 }
