Updated libebml packages fix security vulnerabilities

🗓️ 08 Jun 2021 14:33:02Reported by Gentoo FoundationType

mageia

mageia🔗 advisories.mageia.org👁 26 Views

Updated libebml packages fix security vulnerabilities. Heap use-after-free and heap overflow bug in libebml

Reporter	Title	Published	Views	Family All 39
AlpineLinux	CVE-2021-3405	23 Feb 202119:05	–	alpinelinux
ArchLinux	[ASA-202103-18] libebml: arbitrary code execution	25 Mar 202100:00	–	archlinux
BDU FSTEC	The vulnerability in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData functions of the EBML analysis library Libebml, related to writing beyond the buffer boundary, allows a attacker to cause a service failure.	2 Nov 202100:00	–	bdu_fstec
Circl	CVE-2021-3405	23 Feb 202122:35	–	circl
CNNVD	Matroska libebml Buffer Error Vulnerability	23 Feb 202100:00	–	cnnvd
CVE	CVE-2021-3405	23 Feb 202119:05	–	cve
Cvelist	CVE-2021-3405	23 Feb 202119:05	–	cvelist
Debian	[SECURITY] [DLA 2629-1] libebml security update	18 Apr 202117:09	–	debian
Debian CVE	CVE-2021-3405	23 Feb 202119:05	–	debiancve
Tenable Nessus	Debian DLA-2629-1 : libebml security update	19 Apr 202100:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Mageia	7	any	libebml	1.4.2-1	libebml-1.4.2-1.noarch.rpm
Mageia	7	any	libmatroska	1.5.0-2.1	libmatroska-1.5.0-2.1.noarch.rpm
Mageia	7	any	mkvtoolnix	32.0.0-2.1	mkvtoolnix-32.0.0-2.1.noarch.rpm

Source	Link
bugs	www.bugs.mageia.org/show_bug.cgi
lists	www.lists.fedoraproject.org/archives/list/[email protected]/thread/7COLX6WFFOI3RIOY2IOXWASU3QKAOWKO/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/thread/JNHQI6MDOECJ2HT5GCLEX2DMJFEOWPW7/
debian	www.debian.org/lts/security/2021/dla-2629

31 May 2021 20:30Current

2.6Low risk

Vulners AI Score2.6

CVSS 24.3

CVSS 3.16.5

EPSS0.01737

libebml security vulnerabilities heap use-after-free heap overflow mkvtoolnix libmatroska