ALT-PU-2025-3029-1
Package vorbis-tools updated to version 1.4.2-alt2 for branch sisyphus_riscv64.
Closed vulnerabilities
Published: 2023-10-02
BDU:2024-02625
Уязвимость пакета Vorbis-tools, связанная с возможностью записи за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2023-10-03
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-43361
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- https://github.com/xiph/vorbis
- https://github.com/xiph/vorbis
- https://github.com/xiph/vorbis-tools
- https://github.com/xiph/vorbis-tools
- https://github.com/xiph/vorbis-tools/issues/41
- https://github.com/xiph/vorbis-tools/issues/41
- FEDORA-2024-faff3dd9d6
- FEDORA-2024-faff3dd9d6
- FEDORA-2024-5f8da7c1f1
- FEDORA-2024-5f8da7c1f1
- https://xiph.org/vorbis/
- https://xiph.org/vorbis/