Ubuntu Security Notice 6403-3 - USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 16.04 LTS. It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
7e693ea75085726dfc8a1429e092710cdc8d66beb217a2785cd9165a7e0fa37f==========================================================================
Ubuntu Security Notice USN-6403-3
November 01, 2023
libvpx vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in libvpx.
Software Description:
- libvpx: VP8 and VP9 video codec
Details:
USN-6403-1 fixed several vulnerabilities in libvpx. This update provides
the corresponding update for Ubuntu 16.04 LTS.
Original advisory details:
It was discovered that libvpx did not properly handle certain malformed
media files. If an application using libvpx opened a specially crafted
file, a remote attacker could cause a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
libvpx3 1.5.0-2ubuntu1.1+esm2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6403-3
https://ubuntu.com/security/notices/USN-6403-1
CVE-2023-44488, CVE-2023-5217
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed