1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-16 03:47:03 +00:00
Files
Li Wang 6e1ca0e922 flac: fix CVE-2021-0561
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is
a possible out of bounds write due to a missing bounds check. This
could lead to local information disclosure with no additional
execution privileges needed. User interaction is not needed for
exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-0561

Upstream patches:
https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be

(From OE-Core rev: 76d5c8d876f78d86e755c12360d41e40154eca0b)

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-04-03 20:49:03 +01:00
..
2022-04-03 20:49:03 +01:00
2022-04-03 20:49:03 +01:00