
Mageia 8 MGASA-2022-0236 Critical: Exempi Memory Corruption Issue

Mageia
June 18, 2022
Mageia has released updates for exempi packages to tackle serious out-of-bounds read vulnerabilities along with various other security concerns. Learn how this affects your system's security.

Summary

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-36045)
XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. (CVE-2021-36046)
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. (CVE-2021-36047)
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potent...


References

- https://bugs.mageia.org/show_bug.cgi?id=30557

- https://ubuntu.com/security/notices/USN-5483-1

- https://www.cve.org/CVERecord?id=CVE-2021-36045

- https://www.cve.org/CVERecord?id=CVE-2021-36046

- https://www.cve.org/CVERecord?id=CVE-2021-36047

- https://www.cve.org/CVERecord?id=CVE-2021-36048

- https://www.cve.org/CVERecord?id=CVE-2021-36050

- https://www.cve.org/CVERecord?id=CVE-2021-36051

- https://www.cve.org/CVERecord?id=CVE-2021-36052

- https://www.cve.org/CVERecord?id=CVE-2021-36053

- https://www.cve.org/CVERecord?id=CVE-2021-36054

- https://www.cve.org/CVERecord?id=CVE-2021-36055

- https://www.cve.org/CVERecord?id=CVE-2021-36056

- https://www.cve.org/CVERecord?id=CVE-2021-36058

- https://www.cve.org/CVERecord?id=CVE-2021-36064

- https://www.cve.org/CVERecord?id=CVE-2021-39847

- https://www.cve.org/CVERecord?id=CVE-2021-40716

- https://www.cve.org/CVERecord?id=CVE-2021-40732

- https://www.cve.org/CVERecord?id=CVE-2021-42528

- https://www.cve.org/CVERecord?id=CVE-2021-42529

- https://www.cve.org/CVERecord?id=CVE-2021-42530

- https://www.cve.org/CVERecord?id=CVE-2021-42531

- https://www.cve.org/CVERecord?id=CVE-2021-42532

Resolution

SRPMS

- 8/core/exempi-2.5.1-2.1.mga8

Severity
critical

Publication date: 18 Jun 2022
URL: https://advisories.mageia.org/MGASA-2022-0236.html
Type: security
CVE: CVE-2021-36045, CVE-2021-36046, CVE-2021-36047, CVE-2021-36048, CVE-2021-36050, CVE-2021-36051, CVE-2021-36052, CVE-2021-36053, CVE-2021-36054, CVE-2021-36055, CVE-2021-36056, CVE-2021-36058, CVE-2021-36064, CVE-2021-39847, CVE-2021-40716, CVE-2021-40732, CVE-2021-42528, CVE-2021-42529, CVE-2021-42530, CVE-2021-42531, CVE-2021-42532
