MGASA-2022-0040

Source
https://advisories.mageia.org/MGASA-2022-0040.html
Import Source
https://advisories.mageia.org/MGASA-2022-0040.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2022-0040
Related
Published
2022-01-27T22:26:20Z
Modified
2022-01-27T21:41:44Z
Summary
Updated aom packages fix security vulnerability
Details

AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. (CVE-2020-36129)

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c. (CVE-2020-36130)

AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. (CVE-2020-36131)

AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. (CVE-2020-36133)

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component rate_hist.c. (CVE-2020-36135)

References
Credits

Affected packages

Mageia:8 / aom

Package

Name
aom
Purl
pkg:rpm/mageia/aom?distro=mageia-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.1-3.5.mga8

Ecosystem specific

{
    "section": "core"
}