Описание
ELSA-2022-1968: libsndfile security update (MODERATE)
[1.0.28-12]
- fix heap buffer overflow in flac (#2030507)
[1.0.28-11]
- a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution(#1985028)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
libsndfile
1.0.28-12.el8
libsndfile-devel
1.0.28-12.el8
Oracle Linux x86_64
libsndfile
1.0.28-12.el8
libsndfile-devel
1.0.28-12.el8
Связанные CVE
Связанные уязвимости
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws.
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws.
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws.
An out-of-bounds read flaw was found in libsndfile's FLAC codec functi ...
