Alerts This Week
Warning Icon 1 700
Alerts This Week
Warning Icon 1 700

Gentoo GLSA-202310-15 Critical: Libsndfile Buffer Overflow Exploit

gentoo
Calendar Grey October 7, 2007
Dist Gentoo Esm H88
A vulnerability within libsndfile may permit remote code execution through a compromised FLAC file. Users are urged to update.
A buffer overflow vulnerability has been discovered in libsndfile.

Summary

Gentoo Linux Security Advisory GLSA 200710-04 https://security.gentoo.org/ Severity: Normal Title: libsndfile: Buffer overflow Date: October 07, 2007 Bugs: #192834 ID: 200710-04

Synopsis ======= A buffer overflow vulnerability has been discovered in libsndfile.
Background ========= libsndfile is a library for reading and writing various formats of audio files including WAV and FLAC.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libsndfile < 1.0.17-r1 >= 1.0.17-r1
========== Robert Buchholz of the Gentoo Security team discovered that the flac_buffer_copy() function does not correctly handle FLAC streams with variable block sizes which leads to a heap-bas...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo buffer overflow remote code execution libsndfile

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
critical
Lowest
Low
Medium
High
Critical


Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3997206_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Topics%20covered

Topics Covered

security advisory gentoo buffer overflow remote code execution libsndfile

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here