Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in VLC media player.
Software Description:
- vlc: multimedia player and streamer
Details:
It was discovered that VLC could be made to read out of bounds when
decoding image files. If a user were tricked into opening a crafted image
file, a remote attacker could possibly use this issue to cause VLC to
crash, leading to a denial of service. This issue only affected Ubuntu
16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-19721)
It was discovered that VLC could be made to write out of bounds when
processing H.264 video files. If a user were tricked into opening a
crafted H.264 video file, a remote attacker could possibly use this issue
to cause VLC to crash, leading to a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-13428)
It was discovered that VLC could be made to read out of bounds when
processing AVI video files. If a user were tricked into openi...
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: vlc 3.0.17.4-5ubuntu0.1 vlc-plugin-access-extra 3.0.17.4-5ubuntu0.1 Ubuntu 22.04 LTS (Available with Ubuntu Pro): vlc 3.0.16-1ubuntu0.1~esm1 vlc-plugin-access-extra 3.0.16-1ubuntu0.1~esm1 Ubuntu 20.04 LTS (Available with Ubuntu Pro): vlc 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-access-extra 3.0.9.2-1ubuntu0.1~esm1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): vlc 3.0.8-0ubuntu18.04.1+esm1 vlc-plugin-access-extra 3.0.8-0ubuntu18.04.1+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): vlc 2.2.2-5ubuntu0.16.04.5+esm2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6180-1
CVE-2019-19721, CVE-2020-13428, CVE-2021-25801, CVE-2021-25802,
CVE-2021-25803, CVE-2021-25804, CVE-2022-41325
Get the latest Linux and open source security news straight to your inbox.