Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0220)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2024.0220

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2024-0220)

Zusammenfassung: The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory.

Vulnerability Insight:
Integer overflow in libaom internal function img_alloc_helper can lead
to heap buffer overflow. This function can be reached via 3 callers: *
Calling aom_img_alloc() with a large value of the d_w, d_h, or align
parameter may result in integer overflows in the calculations of buffer
sizes and offsets and some fields of the returned aom_image_t struct may
be invalid. * Calling aom_img_wrap() with a large value of the d_w, d_h,
or align parameter may result in integer overflows in the calculations
of buffer sizes and offsets and some fields of the returned aom_image_t
struct may be invalid. * Calling aom_img_alloc_with_border() with a
large value of the d_w, d_h, align, size_align, or border parameter may
result in integer overflows in the calculations of buffer sizes and
offsets and some fields of the returned aom_image_t struct may be
invalid. (CVE-2024-5171)

Affected Software/OS:
'aom' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2024-5171
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/
https://issues.chromium.org/issues/332382766

Copyright Copyright (C) 2024 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2024.0220
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2024-0220)
Zusammenfassung:	The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory. Vulnerability Insight: Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers: * Calling aom_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. * Calling aom_img_wrap() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. * Calling aom_img_alloc_with_border() with a large value of the d_w, d_h, align, size_align, or border parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. (CVE-2024-5171) Affected Software/OS: 'aom' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2024-5171 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/ https://issues.chromium.org/issues/332382766
Copyright	Copyright (C) 2024 Greenbone AG