MGASA-2023-0280 - Updated libvpx packages fix security vulnerability Publication date: 02 Oct 2023 URL: https://advisories.mageia.org/MGASA-2023-0280.html Type: security Affected Mageia releases: 8, 9 CVE: CVE-2023-5217 Heap buffer overflow in vp8 encoding in libvpx allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. References: - https://bugs.mageia.org/show_bug.cgi?id=32342 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217 - https://www.openwall.com/lists/oss-security/2023/09/28/5 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217 SRPMS: - 8/core/libvpx-1.9.0-1.1.mga8 - 9/core/libvpx-1.12.0-1.1.mga9
Mageia 2023-0280: libvpx security update
Heap buffer overflow in vp8 encoding in libvpx allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page
Summary
Heap buffer overflow in vp8 encoding in libvpx allowed a remote attacker
to potentially exploit heap corruption via a crafted HTML page.
References
- https://bugs.mageia.org/show_bug.cgi?id=32342
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
- https://www.openwall.com/lists/oss-security/2023/09/28/5
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
Resolution
MGASA-2023-0280 - Updated libvpx packages fix security vulnerability
SRPMS
- 8/core/libvpx-1.9.0-1.1.mga8
- 9/core/libvpx-1.12.0-1.1.mga9
Severity
Publication date: 02 Oct 2023
URL: https://advisories.mageia.org/MGASA-2023-0280.html
Type: security
CVE: CVE-2023-5217
News
HOWTOs
Features
About Us
Powered By
