The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. External references: http://www.scip.ch/en/?vuldb.80729 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8791 Upstream fix: https://github.com/Matroska-Org/libebml/commit/24e5cd7c666b1ddd85619d60486db0a5481c1b90
Created libebml tracking bugs for this issue: Affects: epel-6 [bug 1303854] Affects: epel-7 [bug 1303856]