Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0243)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2024.0243

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2024-0243)

Resumen: The remote host is missing an update for the 'libheif' package(s) announced via the MGASA-2024-0243 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libheif' package(s) announced via the MGASA-2024-0243 advisory.

Vulnerability Insight:
It was discovered that libheif incorrectly handled certain image data.
An attacker could possibly use this issue to crash the program,
resulting in a denial of service. (CVE-2019-11471)
Reza Mirzazade Farkhani discovered that libheif incorrectly handled
certain image data. An attacker could possibly use this issue to crash
the program, resulting in a denial of service. (CVE-2020-23109)
Eugene Lim discovered that libheif incorrectly handled certain image
data.
An attacker could possibly use this issue to crash the program,
resulting in a denial of service. (CVE-2023-0996)
Min Jang discovered that libheif incorrectly handled certain image data.
An attacker could possibly use this issue to crash the program,
resulting in a denial of service. (CVE-2023-29659)
Yuchuan Meng discovered that libheif incorrectly handled certain image
data.
An attacker could possibly use this issue to crash the program,
resulting in a denial of service. (CVE-2023-49460, CVE-2023-49462,
CVE-2023-49463, CVE-2023-49464)

Affected Software/OS:
'libheif' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-49460
https://github.com/strukturag/libheif/issues/1046
Common Vulnerability Exposure (CVE) ID: CVE-2023-49462
https://github.com/strukturag/libheif/issues/1043
Common Vulnerability Exposure (CVE) ID: CVE-2023-49463
https://github.com/strukturag/libheif
https://github.com/strukturag/libheif/issues/1042
Common Vulnerability Exposure (CVE) ID: CVE-2023-49464
https://github.com/strukturag/libheif/issues/1044

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0243
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0243)
Resumen:	The remote host is missing an update for the 'libheif' package(s) announced via the MGASA-2024-0243 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libheif' package(s) announced via the MGASA-2024-0243 advisory. Vulnerability Insight: It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2019-11471) Reza Mirzazade Farkhani discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2020-23109) Eugene Lim discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2023-0996) Min Jang discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2023-29659) Yuchuan Meng discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464) Affected Software/OS: 'libheif' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-49460 https://github.com/strukturag/libheif/issues/1046 Common Vulnerability Exposure (CVE) ID: CVE-2023-49462 https://github.com/strukturag/libheif/issues/1043 Common Vulnerability Exposure (CVE) ID: CVE-2023-49463 https://github.com/strukturag/libheif https://github.com/strukturag/libheif/issues/1042 Common Vulnerability Exposure (CVE) ID: CVE-2023-49464 https://github.com/strukturag/libheif/issues/1044
Copyright	Copyright (C) 2024 Greenbone AG