[Bugs] [Bug 13266] New: [CVE 21] libmysofa 1.0 CVEs found

[bugzilla]

https://bugzilla.rosalinux.ru/show_bug.cgi?id=13266

          Platform: 2021.1
            Bug ID: 13266
           Summary: [CVE 21] libmysofa 1.0 CVEs found
    Classification: ROSA-based products
           Product: ROSA Fresh
           Version: All
          Hardware: All
               URL: CVE-2020-36148, CVE-2020-36149, CVE-2020-36150,
                    CVE-2020-36151, CVE-2020-36152, CVE-2021-3756,
                OS: Linux
            Status: CONFIRMED
          Severity: normal
          Priority: Normal
         Component: System (kernel, glibc, systemd, bash, PAM...)
          Assignee: bugs на lists.rosalinux.ru
          Reporter: y.tumanov на rosalinux.ru
        QA Contact: bugs на lists.rosalinux.ru
                CC: s.matveev на rosalinux.ru, y.tumanov на rosalinux.ru
  Target Milestone: ---
             Flags: secteam_verified?

Please patch CVEs for package libmysofa version 1.0  
INFO (CVEs are): libmysofa 1.0 cves found
CVE-2020-36148
Desc: Incorrect handling of input data in verifyAttribute function in the
libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and
segmentation fault error in case of restrictive memory protection or near NULL
pointer overwrite in case of no memory restrictions (e.g. in embedded
environments).
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36148
Severity: MEDIUM
CVE-2020-36149
Desc: Incorrect handling of input data in changeAttribute function in the
libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and
segmentation fault error in case of restrictive memory protection or near NULL
pointer overwrite in case of no memory restrictions (e.g. in embedded
environments).
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36149
Severity: MEDIUM
CVE-2020-36150
Desc: Incorrect handling of input data in loudness function in the libmysofa
library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated
memory block.
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36150
Severity: MEDIUM
CVE-2020-36151
Desc: Incorrect handling of input data in mysofa_resampler_reset_mem function
in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and
overwriting large memory block.
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36151
Severity: MEDIUM
CVE-2020-36152
Desc: Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa
0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36152
Severity: HIGH
CVE-2021-3756
Desc: libmysofa is vulnerable to Heap-based Buffer Overflow
Link: https://nvd.nist.gov/vuln/detail/CVE-2021-3756
Severity: CRITICAL

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
----------- следущая часть -----------
Вложение в формате HTML было извлечено…
URL: <http://lists.rosalinux.ru/pipermail/bugs/attachments/20230503/03a1cc0f/attachment.html>