libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to ~/Downloads, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libcue-dev", "binary_version": "2.2.1-2ubuntu0.1" }, { "binary_name": "libcue2", "binary_version": "2.2.1-2ubuntu0.1" }, { "binary_name": "libcue2-dbgsym", "binary_version": "2.2.1-2ubuntu0.1" } ], "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libcue-dev", "binary_version": "2.2.1-3ubuntu0.1" }, { "binary_name": "libcue2", "binary_version": "2.2.1-3ubuntu0.1" }, { "binary_name": "libcue2-dbgsym", "binary_version": "2.2.1-3ubuntu0.1" } ], "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libcue-dev", "binary_version": "2.2.1-4ubuntu1" }, { "binary_name": "libcue2", "binary_version": "2.2.1-4ubuntu1" }, { "binary_name": "libcue2-dbgsym", "binary_version": "2.2.1-4ubuntu1" } ], "ubuntu_priority": "medium" }