Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Mageia: MGASA-2021-0353 Urgent: AOMedia Memory Vulnerabilities

mageia
Calendar Grey July 16, 2021
Dist Mageia Esm H88
MGASA-2021-0365 Revised AOM software enhances memory management and addresses security vulnerabilities.
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap (CVE-2021-30473)

Summary

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap (CVE-2021-30473).
aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free (CVE-2021-30474).
aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow (CVE-2021-30475).

References

- https://bugs.mageia.org/show_bug.cgi?id=29144

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZXCI33HXH6YSOGC2LPE2REQLMIDH6US4/

- https://www.cve.org/CVERecord?id=CVE-2021-30473

- https://www.cve.org/CVERecord?id=CVE-2021-30474

- https://www.cve.org/CVERecord?id=CVE-2021-30475

Resolution

SRPMS

- 8/core/aom-2.0.1-3.1.mga8

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 16 Jul 2021
URL: https://advisories.mageia.org/MGASA-2021-0352.html
Type: security
CVE: CVE-2021-30473, CVE-2021-30474, CVE-2021-30475

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.