Описание
ELSA-2021-3295: libsndfile security update (IMPORTANT)
[1.0.25-12.1]
- a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution(#1985024)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
libsndfile
1.0.25-12.el7_9.1
libsndfile-devel
1.0.25-12.el7_9.1
libsndfile-utils
1.0.25-12.el7_9.1
Oracle Linux x86_64
libsndfile
1.0.25-12.el7_9.1
libsndfile-devel
1.0.25-12.el7_9.1
libsndfile-utils
1.0.25-12.el7_9.1
Связанные CVE
Связанные уязвимости
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
A heap buffer overflow vulnerability in msadpcm_decode_block of libsnd ...