Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:0034-1

Опубликовано: 05 янв. 2022
Источник: suse-cvrf

Описание

Security update for libsndfile

This update for libsndfile fixes the following issues:

  • CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that could potentially lead to heap exploitation (bsc#1194006).

Список пакетов

HPE Helion OpenStack 8
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server 12 SP2-BCL
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server 12 SP3-BCL
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server 12 SP3-LTSS
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server 12 SP5
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libsndfile-devel-1.0.25-36.26.1
SUSE OpenStack Cloud 8
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE OpenStack Cloud 9
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE OpenStack Cloud Crowbar 8
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1
SUSE OpenStack Cloud Crowbar 9
libsndfile1-1.0.25-36.26.1
libsndfile1-32bit-1.0.25-36.26.1

Ссылки

Описание

An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws.

Затронутые продукты
HPE Helion OpenStack 8:libsndfile1-1.0.25-36.26.1
HPE Helion OpenStack 8:libsndfile1-32bit-1.0.25-36.26.1
SUSE Linux Enterprise Server 12 SP2-BCL:libsndfile1-1.0.25-36.26.1
SUSE Linux Enterprise Server 12 SP2-BCL:libsndfile1-32bit-1.0.25-36.26.1
Ссылки