Opened 17 months ago

Closed 17 months ago

Last modified 13 months ago

#14852 closed enhancement (fixed)

flac security fix

Reported by: ken@… Owned by: ken@…
Priority: normal Milestone: 11.0
Component: BOOK Version: SVN
Severity: normal Keywords:

Description (last modified by ken@…)

In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Fixed upstream but no new release.


Change History (5)

comment:1 by ken@…, 17 months ago

Description: modified (diff)
Owner: changed from blfs-book to ken@…
Status: new → assigned

comment:2 by ken@…, 17 months ago

Book updated at r24429.

comment:3 by ken@…, 17 months ago

Advisory 10.1 022 added.

comment:4 by ken@…, 17 months ago

Resolution: fixed
Status: assigned → closed

comment:5 by Bruce Dubbs, 13 months ago

Milestone: 10.2 → 11.0

Milestone renamed
