Описание
Security update for libsndfile
This update for libsndfile fixes the following issues:
- CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that could potentially lead to heap exploitation (bsc#1194006).
Список пакетов
Container containers/milvus:2.4
libsndfile1-1.0.28-5.15.1
Container containers/open-webui:0
libsndfile1-1.0.28-5.15.1
SUSE Linux Enterprise Real Time 15 SP2
libsndfile-devel-1.0.28-5.15.1
libsndfile1-1.0.28-5.15.1
Ссылки
- Link for SUSE-SU-2022:0052-2
- E-Mail link for SUSE-SU-2022:0052-2
- SUSE Security Ratings
- SUSE Bug 1194006
- SUSE CVE CVE-2021-4156 page
Описание
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws.
Затронутые продукты
Container containers/milvus:2.4:libsndfile1-1.0.28-5.15.1
Container containers/open-webui:0:libsndfile1-1.0.28-5.15.1
SUSE Linux Enterprise Real Time 15 SP2:libsndfile-devel-1.0.28-5.15.1
SUSE Linux Enterprise Real Time 15 SP2:libsndfile1-1.0.28-5.15.1
Ссылки
- CVE-2021-4156
- SUSE Bug 1194006