drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in AOM
Name: |
Ausführen beliebiger Kommandos in AOM |
|
ID: |
USN-6815-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 24.04 LTS |
|
Datum: |
Do, 6. Juni 2024, 22:34 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5171 |
|
Applikationen: |
aom |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8485072912125009758== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------XEFAnyWlXykkGBe68WcQbbTr"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------XEFAnyWlXykkGBe68WcQbbTr Content-Type: multipart/mixed; boundary="------------JxtOXkuGyl0RY4zfOAu6IEKq"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <6aa86298-b5ab-48c8-9e02-2421b09718b8@canonical.com> Subject: [USN-6815-1] AOM vulnerability
--------------JxtOXkuGyl0RY4zfOAu6IEKq Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-6815-1 June 06, 2024
aom vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
AOM could be made to crash or run programs if it opened a specially crafted file.
Software Description: - aom: AV1 Video Codec Library
Details:
Xiantong Hou discovered that AOM did not properly handle certain malformed media files. If an application using AOM opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04 LTS libaom3 3.8.2-2ubuntu0.1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6815-1 CVE-2024-5171
Package Information: https://launchpad.net/ubuntu/+source/aom/3.8.2-2ubuntu0.1
--------------JxtOXkuGyl0RY4zfOAu6IEKq--
--------------XEFAnyWlXykkGBe68WcQbbTr Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmZiDJoACgkQZWnYVadE vpOIoA/+N72q1FsmttnGLzYLOqzG3LofUETe7Q/Mp9m+xffmQdDQrjx+UTyPEq5t R9qsE/Od8z2DXg21P0rCtgSat9ERh56MSBG4vMHuqRFY/mrSeQnMQtaKLmtMc2XQ rUWwB0Lj/YD9tSntW17juCQ73OCUMpVx6fjQ1GOWUK3LqCsV1sMQsVm3AT7MynDX FmtVqaUosF3XiiJt4IT/U0t1K22qQYjw0BKBy5R/r3eTAO6mBKs5KBuRi3qSKA+L H2rCMmkNShHXPUK7nM8B5hv2ORk5APXKCLq27it0MOoMWqKyiIs4HzaN+iWkaoWI kqUFsh82KNCJDJTrov3RcwW85BbDyPquAkJvj2T7bKh9XZyB8/ExaX1EutXUebaw xeGuCvOK3HMk+FA2Vx4EOOGdShXZyJROHZu75lup15lURIVIk4M7zl3D/pfs3xFe zInliDC0llPPLQHeFy0w7vWFD5jGKXgPrX6pdVbxnKJv05a7GucFlRnaOoZUJU5u 0D33X/pHazRQl86Pb9hedLtav7HPpt6qOz8D22r8Upfmv3LPTCiEVSQdK5PNxR1Q 8W+L/7u376FhyYRmADzWUisT04VvKa5uaPYw7VzG6BM8GBzhQoDnWeyUnzWD1wcD zeBWyrz6Np90B0Vyh4EvcmN1X6pJ2ADdAu2V1ToIiE1zTTBu7fw= =cuR2 -----END PGP SIGNATURE-----
--------------XEFAnyWlXykkGBe68WcQbbTr--
--===============8485072912125009758== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============8485072912125009758==--
|
|
|
|