24 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-43641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNO...
Fedora 39 : libcue (2023-f4e74a94a2)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-f4e74a94a2 advisory. This update backports the fix for a serious security issue that could cause arbitrary code execution, tracked as CVE-2023-43641. See this write-up by Kevin...
Mageia: Security Advisory (MGASA-2023-0300)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libcue packages fix a security vulnerability
Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it is then automatically scanned by tracker-miners. And because it has a .c...
SUSE-SU-2023:4090-1 Security update for libcue
This update for libcue fixes the following issues: - CVE-2023-43641: Fixed a buffer overflow while parsing a malicious file bsc1215728...
GNOME Linux Systems Exposed to 1-Click RCE Attacks
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A new security vulnerability, known as CVE-2023-43641, has been identified in the libcue library. This library is utilized by Tracker Miners and is shipped along with the GNOME desktop environment...
FreeBSD : libcue -- out-of-bounds array access (ae0ee356-6ae1-11ee-bfb6-8c164567ca3c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ae0ee356-6ae1-11ee-bfb6-8c164567ca3c advisory. - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are...
Fedora 37 : libcue (2023-1fe05ac8d9)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-1fe05ac8d9 advisory. This update backports the fix for a serious security issue that could cause arbitrary code execution, tracked as CVE-2023-43641. See this write-up by Kevin...
Fedora 38 : libcue (2023-eec9ce5935)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-eec9ce5935 advisory. This update backports the fix for a serious security issue that could cause arbitrary code execution, tracked as CVE-2023-43641. See this write-up by Kevin...
Fedora: Security Advisory (FEDORA-2023-f4e74a94a2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for tracker-miners (FEDORA-2023-40044895ce)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3615 : libcue-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3615 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3615-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3615-1] libcue security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3615-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 12, 2023 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5524-1] libcue security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5524-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 11, 2023 https://www.debian.org/security/faq -...
Fedora 38 : tracker-miners (2023-e8f45c67f5)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-e8f45c67f5 advisory. Seccomp jail improvements CVE-2023-43641 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Fedora 37 : tracker-miners (2023-40044895ce)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-40044895ce advisory. Seccomp jail improvements CVE-2023-43641 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Debian DSA-5524-1 : libcue - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5524 advisory. - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME...
[slackware-security] libcue
New libcue packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libcue-2.2.1-i586-4slack15.0.txz: Rebuilt. Fixed a bug which could allow memory corruption resulting in arbitrary code execution. For...
libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution RCE on affected hosts. Tracked as CVE-2023-43641 CVSS score: 8.8, the issue is described as a case of memory corruption in libcue, a library designed...
Slackware Linux 15.0 / current libcue Vulnerability (SSA:2023-283-01)
The version of libcue installed on the remote host is prior to 2.2.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-283-01 advisory. - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds arr...