ELSA-2026-5320

Опубликовано: 07 апр. 2026

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2026-5320: libvpx security update (IMPORTANT)

[1.3.0-8.0.3]

Fixes heap buffer overflow in libvpx CVE-2026-2447 [Orabug: 39112729]

[1.3.0-8.0.1]

Fixes CVE-2025-5283 vpx_codec_enc_init_multi fix double free on init fail [Orabug: 38103810]

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

libvpx

1.3.0-8.0.3.el7

libvpx-devel

1.3.0-8.0.3.el7

libvpx-utils

1.3.0-8.0.3.el7

Связанные CVE

CVE-2026-2447

Ссылки на источники

Связанные уязвимости

CVE-2026-2447

CVSS3: 8.8

ubuntu

4 месяца назад

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.

CVE-2026-2447

CVSS3: 7.5

redhat

4 месяца назад

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.

CVE-2026-2447

CVSS3: 8.8

nvd

4 месяца назад

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.

CVE-2026-2447

CVSS3: 8.8

debian

4 месяца назад

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefo ...

openSUSE-SU-2026:20253-1

suse-cvrf

4 месяца назад

Security update for MozillaFirefox