VLC could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- vlc: multimedia player and streamer
Details:
It was discovered that VLC incorrectly handled memory when reading a MMS
stream. An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS vlc 3.0.20-3ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS vlc 3.0.16-1ubuntu0.1~esm3 Available with Ubuntu Pro Ubuntu 20.04 LTS vlc 3.0.9.2-1ubuntu0.1~esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS vlc 3.0.8-0ubuntu18.04.1+esm3 Available with Ubuntu Pro Ubuntu 16.04 LTS vlc 2.2.2-5ubuntu0.16.04.5+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7243-1
CVE-2024-46461
Get the latest Linux and open source security news straight to your inbox.