First published: Mon Oct 02 2023(Updated: )
It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libvpx7 | <1.12.0-1ubuntu1.2 | 1.12.0-1ubuntu1.2 |
=23.04 | ||
All of | ||
ubuntu/libvpx7 | <1.11.0-2ubuntu2.2 | 1.11.0-2ubuntu2.2 |
=22.04 | ||
All of | ||
ubuntu/libvpx6 | <1.8.2-1ubuntu0.2 | 1.8.2-1ubuntu0.2 |
=20.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this advisory is USN-6403-1.
The libvpx software is affected by this vulnerability.
This vulnerability can cause a denial of service or possibly execute arbitrary code.
To fix this vulnerability, update libvpx to version 1.12.0-1ubuntu1.2 for Ubuntu 23.04, 1.11.0-2ubuntu2.2 for Ubuntu 22.04, or 1.8.2-1ubuntu0.2 for Ubuntu 20.04.
More information about this vulnerability can be found at the following references: [LINK1], [LINK2].