MGASA-2022-0085

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0085.html

Import Source

https://advisories.mageia.org/MGASA-2022-0085.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0085

Related

CVE-2021-0561

Published

2022-03-06T10:40:17Z

Modified

2022-03-06T09:54:01Z

Summary

Updated flac packages fix security vulnerability

Details

In appendtoverifyfifointerleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. (CVE-2021-0561)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / flac

Package

Name: flac
Purl: pkg:rpm/mageia/flac?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.3-3.1.mga8

Ecosystem specific

{
    "section": "core"
}