Summary: | media-video/tsmuxer: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | trivial | CC: | media-video |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/justdan96/tsMuxer/issues/641 | ||
Whiteboard: | ~3 [upstream/ebuild] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-11-01 15:29:34 UTC
CVE-2023-45510 (https://github.com/justdan96/tsMuxer/issues/778): tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch (operator new [] vs operator delete) error. Possibly fixed in nightly according to https://github.com/justdan96/tsMuxer/issues/780#issuecomment-1767800685 CVE-2023-45511 (https://github.com/justdan96/tsMuxer/issues/780): A memory leak in tsMuxer version git-2539d07 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. There are potential patches, but seem untested by the reporter. |