917403 – (CVE-2023-39204, CVE-2023-39208) <net-im/zoom-5.15.10: Buffer overflow

Bug 917403 (CVE-2023-39204, CVE-2023-39208) - <net-im/zoom-5.15.10: Buffer overflow

Summary: <net-im/zoom-5.15.10: Buffer overflow

Status:	RESOLVED FIXED

Alias:	CVE-2023-39204, CVE-2023-39208

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:	https://explore.zoom.us/en/trust/secu...
Whiteboard:	~3 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2023-11-16 06:19 UTC by Jarkko Suominen
Modified:	2023-11-25 19:29 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jarkko Suominen 2023-11-16 06:19:24 UTC

Affected: Zoom Desktop Client for Linux before version 5.15.10

Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.

Comment 1 John Helmert III archtester

2023-11-17 03:03:21 UTC

Thanks for reporting! Tree is clean so already all done.

Comment 2 John Helmert III archtester

2023-11-25 19:29:11 UTC

CVE-2023-39208:

Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access.