Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 618
Alerts This Week
Warning Icon 1 618

Ubuntu 14.04 LTS USN-7172-1 moderate: libvpx denial of service

ubuntu
Calendar Grey December 18, 2024
Dist Ubuntu Esm H88
The Ubuntu security notice USN-7172-1 pertains to vulnerabilities in libvpx; make sure your system is up to date for optimal security.
libvpx could be made to crash or run programs if it received specially crafted input.

Summary

libvpx could be made to crash or run programs if it received specially

crafted input.

Software Description:

- libvpx: VP8 and VP9 video codec

Details:

It was discovered that libvpx did not properly handle certain malformed

media files. If an application using libvpx opened a specially crafted

file, a remote attacker could cause a denial of service, or possibly

execute arbitrary code. Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04

LTS, and Ubuntu 16.04 LTS were previously addressed in USN-6403-1,

USN-6403-2, and USN-6403-3. This update addresses the issue in Ubuntu 14.04

LTS.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS
   libvpx1                         1.3.0-2ubuntu0.1~esm3
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7172-1

  CVE-2023-5217

Ubuntu Security Notice USN-7172-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.