In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows. https://github.com/Matroska-Org/libebml/blob/v1.x/NEWS.md https://github.com/Matroska-Org/libebml/compare/release-1.4.4...release-1.4.5 https://github.com/Matroska-Org/libebml/issues/147 https://github.com/Matroska-Org/libebml/pull/148
Created libebml tracking bugs for this issue: Affects: epel-all [bug 2258048] Affects: fedora-all [bug 2258047]
*** Bug 2256953 has been marked as a duplicate of this bug. ***