Mageia: 2020-0203 Moderate: VLC Media Player Arbitrary Code Execution
mageia
May 8, 2020
Multiple security issues were discovered in the microdns plugin of the VLC media player, which could result in denial of service or potentially the execution of arbitrary code via ...
Summary
Multiple security issues were discovered in the microdns plugin of the
VLC media player, which could result in denial of service or potentially
the execution of arbitrary code via malicious mDNS packets (CVE-2020-6071,
CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079,
CVE-2020-6080).
VLC has been updated to 3.0.10 to fix theese and other issues.
References
- https://bugs.mageia.org/show_bug.cgi?id=26467
- https://www.videolan.org/security/sb-vlc309.html
- https://code.videolan.org/videolan/vlc-3.0/-/raw/master/NEWS
- https://lists.debian.org/debian-security-announce/2020/msg00074.html
- https://www.cve.org/CVERecord?id=CVE-2019-19721
- https://www.cve.org/CVERecord?id=CVE-2020-6071
- https://www.cve.org/CVERecord?id=CVE-2020-6072
- https://www.cve.org/CVERecord?id=CVE-2020-6073
- https://www.cve.org/CVERecord?id=CVE-2020-6077
- https://www.cve.org/CVERecord?id=CVE-2020-6078
- https://www.cve.org/CVERecord?id=CVE-2020-6079
- https://www.cve.org/CVERecord?id=CVE-2020-6080
Resolution
SRPMS
- 7/tainted/vlc-3.0.10-1.mga7.tainted
- 7/core/vlc-3.0.10-1.mga7
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 08 May 2020
URL: https://advisories.mageia.org/MGASA-2020-0203.html
Type: security
CVE: CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079, CVE-2020-6080
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!