Fedora Account System
Red Hat Associate
Red Hat Customer
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. https://talosintelligence.com/vulnerability_reports/TALOS-2023-1846
Created stb tracking bugs for this issue: Affects: epel-all [bug 2278403] Affects: fedora-all [bug 2278402]
To exploit this vulnerability, a malicious file can be supplied by an attacker. https://talosintelligence.com/vulnerability_reports/TALOS-2023-1846 https://watermelon-game.co
Security Response team is monitoring the upstream fix availability and investigating potential impact across affected product components. Updates regarding remediation and backport patches will be logged here as they progress. https://www.acceptanceinsurance.com.co