6 matches found
CLSA-2026-1779694248 mpg123: Fix of CVE-2024-10573
CVE-2024-10573: Out-of-bounds write during PCM decoding of crafted streams could lead to heap corruption and potential arbitrary code execution; decode the MPEG header into a temporary copy that is only applied to the live handle after the frame body is validated upstream svn-r5442, main fix, and...
Medium: mpg123
Issue Overview: An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to...
Amazon Linux 2 : mpg123, --advisory ALAS2-2025-2997 (ALAS-2025-2997)
The version of mpg123 installed on the remote host is prior to 1.32.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2997 advisory. An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the...
mpg123: Buffer overflow when writing decoded PCM samples
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is...
CVE-2024-10573
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is...
ALPINE-CVE-2024-10573
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is...