Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

Mageia 9 MGASA-2025-0057: FFmpeg buffer overflow and DoS threat

mageia
Calendar Grey February 12, 2025
Dist Mageia Esm H88
MGASA-2025-0058 highlights a serious security flaw in VLC media player that could result in unauthorized access and service disruptions on Mageia version 9. Read the report for more details
A buffer overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via af_dialoguenhance.c:...

Summary

A buffer overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via af_dialoguenhance.c:261:5 in the de_stereo component. (CVE-2023-49528)

References

- https://bugs.mageia.org/show_bug.cgi?id=33430

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3BMDGSJN6WOKM5DG6WR4ITFVPI77UHH/

- https://www.cve.org/CVERecord?id=CVE-2023-49528

Resolution

SRPMS

- 9/core/ffmpeg-5.1.6-1.1.mga9

- 9/tainted/ffmpeg-5.1.6-1.1.mga9.tainted

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 12 Feb 2025
URL: https://advisories.mageia.org/MGASA-2025-0057.html
Type: security
CVE: CVE-2023-49528

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here