Bug 2278401 (CVE-2023-47212)
| Summary: | CVE-2023-47212 stb: stb_vorbis.c comment heap-based buffer overflow vulnerability | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Robb Gatica <rgatica> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | ruby23calvi |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2278402, 2278403 | ||
| Bug Blocks: | |||
|
Description
Robb Gatica
2024-05-01 20:11:45 UTC
Created stb tracking bugs for this issue: Affects: epel-all [bug 2278403] Affects: fedora-all [bug 2278402] To exploit this vulnerability, a malicious file can be supplied by an attacker. https://talosintelligence.com/vulnerability_reports/TALOS-2023-1846 https://watermelon-game.co Security Response team is monitoring the upstream fix availability and investigating potential impact across affected product components. Updates regarding remediation and backport patches will be logged here as they progress. https://www.acceptanceinsurance.com.co |