#14852 closed enhancement (fixed)
flac security fix
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | 11.0 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description (last modified by )
In FLACbitreader_read_rice_signed_block of bitreader.c,
there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Fixed upstream but no new release.
CVE-2020-0490
Change History (5)
comment:1 by , 3 years ago
| Description: | modified (diff) |
|---|---|
| Owner: | changed from to |
| Status: | new → assigned |
comment:2 by , 3 years ago
comment:4 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Book updated at r24429.