Gentoo FoundationMGASA-2024-0242Updated libopenmpt packages fix security vulnerabilities
7.8 High
AI Score
Confidence
Low
Possible out-of-bounds read or write when reading malformed MED files. (r19389). [Null-pointer write (32bit platforms) or excessive memory allocation (64bit platforms) when reading close to 4GiB of data from unseekable files (r20336, r20338). Write buffer overflow when reading unseekable files close to 4GiB in size (r20339). [Possible out-of-memory (32bit platforms) or excessive memory allocation (64bit platforms) when reading malformed data from unseekable files (r20340). DMF: Possible null-pointer write or excessive memory allocation when reading DMF files (r20323). Potential heap out-of-bounds read or write past sample end with malformed sustain loops in SymMOD files (r20420). Potential heap out-of-bounds read with malformed Dynamic Studio DSm files (r20912).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 9 | noarch | libopenmpt | < 0.7.8-1 | libopenmpt-0.7.8-1.mga9 |
References
bugs.mageia.org/show_bug.cgi?id=33333
lib.openmpt.org/libopenmpt/2023/06/18/security-updates-0.7.2-0.6.11-0.5.25-release-0.4.37/
lib.openmpt.org/libopenmpt/2024/03/17/security-updates-0.7.5-0.6.14-0.5.28-0.4.40/
lib.openmpt.org/libopenmpt/2024/03/24/security-updates-0.7.6-0.6.15-0.5.29-0.4.41/
lib.openmpt.org/libopenmpt/2024/06/09/security-update-0.7.8-releases-0.6.17-0.5.31-0.4.43/
lists.fedoraproject.org/archives/list/[email protected]/message/ZVQOQRGG6SYMGVWYOQWZ6D5URKRT4FKC/
7.8 High
AI Score
Confidence
Low