Explore top 10 tips to secure your open-source projects now. Read More
×
Stack-based buffer overflow vulnerability exists in orcparse.c of ORC
versions prior to 0.4.39. If a developer is tricked to process a
specially crafted file with the affected ORC compiler, an arbitrary code
may be executed on the developer's build environment. This may lead to
compromise of developer machines or CI build environments.
(CVE-2024-40897)
- https://bugs.mageia.org/show_bug.cgi?id=33529
- https://ubuntu.com/security/notices/USN-6964-1
- https://www.cve.org/CVERecord?id=CVE-2024-40897
- 9/core/orc-0.4.33-1.1.mga9
Get the latest Linux and open source security news straight to your inbox.