Описание
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| flac | fixed | 1.3.2-2 | package | |
| flac | no-dsa | jessie | package | |
| flac | no-dsa | wheezy | package |
Примечания
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-7/
https://github.com/xiph/flac/commit/4f47b63e9c971e6391590caf00a0f2a5ed612e67 (1.3.3)
https://android.googlesource.com/platform/external/flac/+/4f47b63e9c971e6391590caf00a0f2a5ed612e67
EPSS
Связанные уязвимости
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
EPSS