Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia 9: MGASA-2024-0249 Moderate: eSpeak NG Denial of Service Risk

mageia
Calendar Grey July 2, 2024
Dist Mageia Esm H88
Recent enhancements to eSpeak NG packages tackle memory handling vulnerabilities, which could lead to denial of service attacks or the execution of arbitrary code.
It was discovered that eSpeak NG did not properly manage memory under certain circumstances

Summary

It was discovered that eSpeak NG did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

References

- https://bugs.mageia.org/show_bug.cgi?id=33348

- https://ubuntu.com/security/notices/USN-6858-1

- https://www.cve.org/CVERecord?id=CVE-2023-49990

- https://www.cve.org/CVERecord?id=CVE-2023-49991

- https://www.cve.org/CVERecord?id=CVE-2023-49992

- https://www.cve.org/CVERecord?id=CVE-2023-49993

- https://www.cve.org/CVERecord?id=CVE-2023-49994

Topics%20covered

Topics Covered

security advisory denial of service moderate threat arbitrary code memory management Mageia eSpeak NG

Resolution

SRPMS

- 9/core/espeak-ng-1.51.1-1.1.mga9

Publication date: 02 Jul 2024
URL: https://advisories.mageia.org/MGASA-2024-0249.html
Type: security
CVE: CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994

Topics%20covered

Topics Covered

security advisory denial of service moderate threat arbitrary code memory management Mageia eSpeak NG

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here