Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 534
Alerts This Week
Warning Icon 1 534

Ubuntu 19.04: USN-3988-1 Critical: MediaInfo DoS Threat

ubuntu
Calendar Grey May 16, 2019
Dist Ubuntu Esm H88
Vulnerabilities in MediaInfo may lead to system failures while handling specially designed files, affecting users of Ubuntu systems. Patches are now released.
MediaInfo could be made to crash if it opened a specially crafted file.

Summary

MediaInfo could be made to crash if it opened a specially crafted file.

Software Description:

- libmediainfo: library reading metadata from media files

Details:

It was discovered that MediaInfo contained multiple security issues

when

handling certain multimedia files. If a user were tricked into opening

a

crafted multimedia file, an attacker could cause MediaInfo to crash,

resulting

in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
  libmediainfo0v5                 18.12-1ubuntu0.1

Ubuntu 18.10:
  libmediainfo0v5                 18.03.1-1ubuntu0.1

Ubuntu 18.04 LTS:
  libmediainfo0v5                 17.12-1ubuntu0.1

In general, a standard system update will make all the necessary
changes.

References

https://ubuntu.com/security/notices/USN-3988-1

CVE-2019-11372, CVE-2019-11373

Severity
critical
Lowest
Low
Medium
High
Critical

May 16, 2019

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.