ALT-PU-2020-3189-1
Closed vulnerabilities
Published: 2019-08-25
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-15540
filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user.
Severity: HIGH (7.8)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- openSUSE-SU-2019:2033
- openSUSE-SU-2019:2033
- openSUSE-SU-2019:2040
- openSUSE-SU-2019:2040
- openSUSE-SU-2019:2077
- openSUSE-SU-2019:2077
- https://gist.github.com/andreafioraldi/baa79cd78131888d98d6ba680d5f514e
- https://gist.github.com/andreafioraldi/baa79cd78131888d98d6ba680d5f514e
- https://sourceforge.net/p/cdemu/bugs/119/
- https://sourceforge.net/p/cdemu/bugs/119/
- https://sourceforge.net/p/cdemu/code/ci/0e9292c9aa34bf545f43f7efe5f0b94faba94962/
- https://sourceforge.net/p/cdemu/code/ci/0e9292c9aa34bf545f43f7efe5f0b94faba94962/
Published: 2019-08-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-15757
libMirage 3.2.2 in CDemu has a NULL pointer dereference in the NRG parser in parser.c.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- openSUSE-SU-2019:2095
- openSUSE-SU-2019:2095
- openSUSE-SU-2019:2096
- openSUSE-SU-2019:2096
- openSUSE-SU-2019:2129
- openSUSE-SU-2019:2129
- https://gist.github.com/andreafioraldi/343d9ba64060b548c02362a5e61ec932
- https://gist.github.com/andreafioraldi/343d9ba64060b548c02362a5e61ec932
- https://sourceforge.net/p/cdemu/bugs/118/
- https://sourceforge.net/p/cdemu/bugs/118/