1734735 – (CVE-2019-13615) CVE-2019-13615 libebml: could be made to crash if it opened a specially crafted file

Bug 1734735 (CVE-2019-13615) - CVE-2019-13615 libebml: could be made to crash if it opened a specially crafted file

Summary: CVE-2019-13615 libebml: could be made to crash if it opened a specially craft...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2019-13615
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1734736
Blocks:
TreeView+	depends on / blocked

Reported:	2019-07-31 10:35 UTC by Marian Rehak
Modified:	2021-10-27 10:46 UTC (History)
CC List:	6 users (show)
Fixed In Version:	libebml 1.3.6
Clone Of:
Environment:
Last Closed:	2021-10-27 10:46:59 UTC
Embargoed:

Attachments	(Terms of Use)

Description Marian Rehak 2019-07-31 10:35:04 UTC

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.

Comment 1 Marian Rehak 2019-07-31 10:35:16 UTC

Created libebml tracking bugs for this issue:

Affects: epel-all [bug 1734736]

Note You need to log in before you can comment on or make changes to this bug.