1039 matches found
Medium: vorbis-tools
Issue Overview: A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow...
Medium: vorbis-tools
Issue Overview: A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow...
Security update for vorbis-tools (moderate)
openSUSE security update: security update for vorbis-tools ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20891-1 Rating: moderate References: bsc1265361 Cross-References: CVE-2026-34253 CVSS scores: CVE-2026-34253 SUSE : 3.3...
OPENSUSE-SU-2026:20891-1 Security update for vorbis-tools
This update for vorbis-tools fixes the following issues: Changes in vorbis-tools: - CVE-2026-34253: Fix buffer underflow in the ogg123 utility in function remotethread of remote.c bsc1265361:...
vorbis-tools-1.4.3-2.1 on GA media (moderate)
vorbis-tools-1.4.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:10904-1 Rating: moderate Cross-References: CVE-2026-34253 CVSS scores: CVE-2026-34253 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-34253 SUSE : 4.8...
OESA-2026-2486 vorbis-tools security update
Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for mid to high quality 8kHz-48.0kHz, 16+ bit, polyphonic audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. This places Vorbis in the same competitive class as...
OPENSUSE-SU-2026:10904-1 vorbis-tools-1.4.3-2.1 on GA media
These are all security issues fixed in the vorbis-tools-1.4.3-2.1 package on the GA media of openSUSE Tumbleweed...
OESA-2026-2378 vorbis-tools security update
Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for mid to high quality 8kHz-48.0kHz, 16+ bit, polyphonic audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. This places Vorbis in the same competitive class as...
OESA-2026-2377 vorbis-tools security update
Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for mid to high quality 8kHz-48.0kHz, 16+ bit, polyphonic audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. This places Vorbis in the same competitive class as...
OESA-2026-2376 vorbis-tools security update
Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for mid to high quality 8kHz-48.0kHz, 16+ bit, polyphonic audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. This places Vorbis in the same competitive class as...
OESA-2026-2375 vorbis-tools security update
Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for mid to high quality 8kHz-48.0kHz, 16+ bit, polyphonic audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. This places Vorbis in the same competitive class as...
Astra Linux - уязвимость в libstb
stbvorbis is a single-file library licensed under the MIT license, designed for processing OGG Vorbis files. A properly crafted file may cause a memory allocation failure in the startdecoder function. In such cases, the function returns early, but some of the pointers in f-commentlist remain...
Astra Linux - уязвимость в gst-plugins-base1.0
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...
Astra Linux - уязвимость в gst-plugins-base1.0
GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gstparsevorbissetuppacket within vorbisparse.c. The integer value is read from the input file without proper validation. As a result, the value can exceed the fixed size of...
Astra Linux - уязвимость в libstb
STBVorbis is a single-file library licensed under the MIT license, designed for processing OGG Vorbis files. A properly crafted file may trigger an out-of-bounds read in the DECODE macro when var is negative. As can be seen in the definition of DECODERAW, a negative value for var is still a valid...
Astra Linux - уязвимость в libsndfile
In version 1.2.2 of libsndfile, there is a buffer overflow issue in the oggvorbis.c file, specifically in the vorbisanalysiswrote out-of-bounds read function...
Astra Linux - уязвимость в libstb
STBVorbis is a single-file library licensed under MIT, designed for processing OGG Vorbis files. A properly crafted file may cause a memory allocation failure in the startdecoder function. In such cases, the function returns early; f-commentlist is set to NULL, but f-commentlistlength is not rese...
Astra Linux - уязвимость в libstb
STBVorbis is a single-file library licensed under MIT, designed for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f-vendorlen = char'\0';. The root cause of this issue is that if len, read from startdecoder, is a negative...
Astra Linux - уязвимость в libstb
There is a heap-based buffer overflow vulnerability in the comment functionality of stbvorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в libstb
STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A properly crafted file may trigger an out-of-buffer write in the startdecoder function, because the maximum number of m-submaps is 16, but submapfloor and submapresidue are declared as arrays of 15 elements...