Red Hat Bugzilla – Bug 1276335
CVE-2015-8792 libmatroska: Out-of-bounds heap read in KaxInternalBlock::ReadData()
Last modified: 2016-02-01 03:42:34 EST
KaxInternalBlock::ReadData(): Fixed an invalid memory access. When reading a block group or a simple block that uses EBML lacing the frame sizes indicated in the lacing weren't checked against the available number of bytes. If the indicated frame size was bigger than the whole block's size the parser would read beyond the end of the buffer resulting in a heap information leak.
Created libmatroska tracking bugs for this issue:
Affects: fedora-all [bug 1276338]
Affects: epel-all [bug 1276339]
Added CVE according to http://www.cvedetails.com/cve/CVE-2015-8792