flac: fix CVE-2021-0561 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Li Wang <li.wang@windriver.com>	2022-03-25 13:48:41 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-04-03 20:49:03 +0100
commit	6e1ca0e922e7aee3eb945c0f04a2ace1c8b36100 (patch)
tree	86997b639cce65aaa581f2c3825cf04f86965ba9 /meta/recipes-graphics/xinput-calibrator
parent	d4cc78784b5ab4d68ef2883653f67da676154d8c (diff)
download	poky-6e1ca0e922e7aee3eb945c0f04a2ace1c8b36100.tar.gz

flac: fix CVE-2021-0561

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683 References: https://nvd.nist.gov/vuln/detail/CVE-2021-0561 Upstream patches: https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be (From OE-Core rev: 76d5c8d876f78d86e755c12360d41e40154eca0b) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-graphics/xinput-calibrator')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: