Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0220)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2024.0220

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2024-0220)

Resumen: The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory.

Descripción: Summary:
The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory.

Vulnerability Insight:
Integer overflow in libaom internal function img_alloc_helper can lead
to heap buffer overflow. This function can be reached via 3 callers: *
Calling aom_img_alloc() with a large value of the d_w, d_h, or align
parameter may result in integer overflows in the calculations of buffer
sizes and offsets and some fields of the returned aom_image_t struct may
be invalid. * Calling aom_img_wrap() with a large value of the d_w, d_h,
or align parameter may result in integer overflows in the calculations
of buffer sizes and offsets and some fields of the returned aom_image_t
struct may be invalid. * Calling aom_img_alloc_with_border() with a
large value of the d_w, d_h, align, size_align, or border parameter may
result in integer overflows in the calculations of buffer sizes and
offsets and some fields of the returned aom_image_t struct may be
invalid. (CVE-2024-5171)

Affected Software/OS:
'aom' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-5171
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/
https://issues.chromium.org/issues/332382766

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0220
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0220)
Resumen:	The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory.
Descripción:	Summary: The remote host is missing an update for the 'aom' package(s) announced via the MGASA-2024-0220 advisory. Vulnerability Insight: Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers: * Calling aom_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. * Calling aom_img_wrap() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. * Calling aom_img_alloc_with_border() with a large value of the d_w, d_h, align, size_align, or border parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. (CVE-2024-5171) Affected Software/OS: 'aom' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-5171 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/ https://issues.chromium.org/issues/332382766
Copyright	Copyright (C) 2024 Greenbone AG