Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-4022

Опубликовано: 26 окт. 2018
Источник: debian

Описание

A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mkvtoolnixfixed28.2.0-1package
mkvtoolnixnot-affectedstretchpackage
mkvtoolnixnot-affectedjessiepackage

Примечания

  • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0694

  • https://gitlab.com/mbunkus/mkvtoolnix/commit/43021d16c7bcd3f9f70214827755a5163782b633

Связанные уязвимости

ubuntu логотип

CVE-2018-4022

CVSS3: 7.8
ubuntu
больше 7 лет назад

A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.

nvd логотип

CVE-2018-4022

CVSS3: 7.8
nvd
больше 7 лет назад

A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.

suse-cvrf логотип

openSUSE-SU-2018:3819-1

suse-cvrf
около 7 лет назад

Security update for libmatroska, mkvtoolnix

github логотип

GHSA-jxj9-2h46-gwf3

CVSS3: 7.8
github
больше 3 лет назад

A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.