Описание
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 3.0.7.1-0ubuntu18.04.1 |
| cosmic | ignored | end of life |
| devel | not-affected | 3.0.7.1-3 |
| disco | released | 3.0.7.1-0ubuntu19.04.1 |
| eoan | not-affected | 3.0.7.1-3 |
| esm-apps/bionic | released | 3.0.7.1-0ubuntu18.04.1 |
| esm-apps/focal | not-affected | 3.0.7.1-3 |
| esm-apps/jammy | not-affected | 3.0.7.1-3 |
| esm-apps/noble | not-affected | 3.0.7.1-3 |
| esm-apps/xenial | needed |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/ ...
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Уязвимость функции zlib_decompress_extra программы-медиапроигрывателя VideoLAN VLC, связанная с использованием после освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3