248 matches found
PT-2023-31054 · Jellyfin · Jellyfin
Name of the Vulnerable Software and Affected Versions: Jellyfin versions prior to 10.8.13 Description: The issue concerns an argument injection in the VideosController, specifically the "/Videos//stream" and "/Videos//stream." endpoints, which are reachable by an unauthenticated user. Additional...
kernel: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds
A slab-out-of-bounds read vulnerability was found in the Linux kernel's ASoC tx-macro codec driver. The decimator variable was incorrectly sized at 32 bits, causing regcacheflatread to access memory beyond the allocated slab when reading register cache values during the txmacrodigitalmute...
The vulnerability of the bitwriter_grow_ function in the FLAC audio codec allows a hacker to execute arbitrary code.
The vulnerability of the bitwritergrow function in the FLAC audio codec is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
[SECURITY] Fedora 37 Update: flac-1.3.4-3.fc37
FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...
Important: Red Hat Security Advisory: flac security update
An update for flac is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: flac security update
FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files...
ALSA-2023:5048 Important: flac security update
FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files...
ALSA-2023:5046 Important: flac security update
FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files...
Important: flac security update
FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files...
UBUNTU-CVE-2020-22219
Buffer Overflow vulnerability in function bitwritergrow in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder...
Free Lossless Audio Codec 安全漏洞
Free Lossless Audio Codec FLAC is an open source software from the Xiph.Org Foundation open source. It can reduce the amount of storage space needed to store digital audio signals. A security vulnerability exists in versions of Free Lossless Audio Codec prior to 1.4.0, which stems from a buffer...
CVE-2023-28555 Buffer Over-read in Audio
Transient DOS in Audio while remapping channel buffer in media codec decoding...
UBUNTU-CVE-2023-34823
fdkaac before 1.0.5 was discovered to contain a stack overflow in readcallback function in src/main.c...
kernel: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
A flaw was found in the Linux kernel's ASoC da7219 audio codec driver. An error handling path in da7219registerdaiclks incorrectly attempts to unregister a clock that was never successfully registered. This could lead to incorrect resource cleanup during driver probe failure, potentially causing...
kernel: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
A flaw was found in the Linux kernel's ASoC da7219 audio codec driver. An error handling path in da7219registerdaiclks incorrectly attempts to unregister a clock that was never successfully registered. This could lead to incorrect resource cleanup during driver probe failure, potentially causing...
SUSE CVE-2017-6888
An error in the "readmetadatavorbiscomment" function src/libFLAC/streamdecoder.c in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file...
SUSE CVE-2017-18244
The stereoprocessing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted aac file, related to ffpsapply...
SUSE CVE-2021-4156
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file via tricking a user to open or otherwise to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most...
ALSA-2022:8078 Moderate: flac security update
FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files...
PT-2022-34893 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to a possible memory leak in the snd ac97 dev register function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...