ELSA-2025-9331

Опубликовано: 08 июл. 2025

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2025-9331: libvpx security update (IMPORTANT)

[1.3.0-8.0.1]

Fixes CVE-2025-5283 vpx_codec_enc_init_multi fix double free on init fail [Orabug: 38103810]

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

libvpx

1.3.0-8.0.1.el7

libvpx-devel

1.3.0-8.0.1.el7

libvpx-utils

1.3.0-8.0.1.el7

Связанные CVE

CVE-2025-5283

Ссылки на источники

Связанные уязвимости

CVE-2025-5283

CVSS3: 5.4

ubuntu

2 месяца назад

Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-5283

CVSS3: 8.1

redhat

2 месяца назад

Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-5283

CVSS3: 5.4

nvd

2 месяца назад

Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-5283

msrc

2 месяца назад

Chromium: CVE-2025-5283 Use after free in libvpx

CVE-2025-5283

CVSS3: 5.4

debian

2 месяца назад

Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allow ...