Ubuntu Security Notice 6403-2 - USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 18.04 LTS. It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
46dc6da4bc81d5d69b72224b573df890e0a70a1242f2d5d47376145dcb81a460=========================================================================
Ubuntu Security Notice USN-6403-2
October 23, 2023
libvpx vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in libvpx.
Software Description:
- libvpx: VP8 and VP9 video codec
Details:
USN-6403-1 fixed several vulnerabilities in libvpx. This update provides
the corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that libvpx did not properly handle certain malformed
media files. If an application using libvpx opened a specially crafted
file, a remote attacker could cause a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
libvpx5 1.7.0-3ubuntu0.18.04.1+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6403-2
https://ubuntu.com/security/notices/USN-6403-1
CVE-2023-44488, CVE-2023-5217
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed