Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-0561

Опубликовано: 23 фев. 2022
Источник: redhat
CVSS3: 5.5

Описание

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683

An out-of-bounds write vulnerability was found in libFlak. The vulnerability occurs due to a missing bounds check. This flaw allows a local attacker without additional execution privileges to cause local information disclosure.

Отчет

Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability. Red Hat Product Security has rated this issue as having a Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 6 and 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle & Updates Policy: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6flacOut of support scope
Red Hat Enterprise Linux 7flacOut of support scope
Red Hat Enterprise Linux 8flacWill not fix
Red Hat Enterprise Linux 9flacFixedRHSA-2022:807815.11.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=2057776flac: out of bound write in append_to_verify_fifo_interleaved_ of stream_encoder.c

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-0561

CVSS3: 5.5
ubuntu
около 4 лет назад

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683

nvd логотип

CVE-2021-0561

CVSS3: 5.5
nvd
около 4 лет назад

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683

debian логотип

CVE-2021-0561

CVSS3: 5.5
debian
около 4 лет назад

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a ...

suse-cvrf логотип

openSUSE-SU-2022:0815-1

suse-cvrf
больше 3 лет назад

Security update for flac

suse-cvrf логотип

SUSE-SU-2022:0815-1

suse-cvrf
больше 3 лет назад

Security update for flac

5.5 Medium

CVSS3