Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2021-3295

Опубликовано: 30 авг. 2021
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2021-3295: libsndfile security update (IMPORTANT)

[1.0.25-12.1]

  • a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution(#1985024)

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

libsndfile

1.0.25-12.el7_9.1

libsndfile-devel

1.0.25-12.el7_9.1

libsndfile-utils

1.0.25-12.el7_9.1

Oracle Linux x86_64

libsndfile

1.0.25-12.el7_9.1

libsndfile-devel

1.0.25-12.el7_9.1

libsndfile-utils

1.0.25-12.el7_9.1

Связанные CVE

Связанные уязвимости

CVSS3: 8.8
ubuntu
около 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

CVSS3: 8.8
redhat
около 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

CVSS3: 8.8
nvd
около 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

CVSS3: 8.8
debian
около 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsnd ...

suse-cvrf
около 4 лет назад

Security update for libsndfile