2023-02-26
ALT-BU-2023-2710-1
Branch sisyphus_e2k update bulletin.
Package fdkaac updated to version 1.0.5-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
Published: 2022-08-17
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-37781
fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __interceptor_memcpy.part.46 at /sanitizer_common/sanitizer_common_interceptors.inc.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2023-06-14
Modified: 2025-01-03
Modified: 2025-01-03
CVE-2023-34823
fdkaac before 1.0.5 was discovered to contain a stack overflow in read_callback function in src/main.c.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
Published: 2023-06-14
Modified: 2025-01-03
Modified: 2025-01-03
CVE-2023-34824
fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References: