MGASA-2024-0242
- Source
- https://advisories.mageia.org/MGASA-2024-0242.html
- Import Source
- https://advisories.mageia.org/MGASA-2024-0242.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2024-0242
- Published
- 2024-06-28T02:41:31Z
- Modified
- 2026-04-16T04:21:53.129938Z
- Summary
- Updated libopenmpt packages fix security vulnerabilities
- Details
-
Possible out-of-bounds read or write when reading malformed MED files. (r19389). [Null-pointer write (32bit platforms) or excessive memory allocation (64bit platforms) when reading close to 4GiB of data from unseekable files (r20336, r20338). Write buffer overflow when reading unseekable files close to 4GiB in size (r20339). [Possible out-of-memory (32bit platforms) or excessive memory allocation (64bit platforms) when reading malformed data from unseekable files (r20340). DMF: Possible null-pointer write or excessive memory allocation when reading DMF files (r20323). Potential heap out-of-bounds read or write past sample end with malformed sustain loops in SymMOD files (r20420). Potential heap out-of-bounds read with malformed Dynamic Studio DSm files (r20912).
- References
-
- https://advisories.mageia.org/MGASA-2024-0242.html
- https://bugs.mageia.org/show_bug.cgi?id=33333
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVQOQRGG6SYMGVWYOQWZ6D5URKRT4FKC/
- https://lib.openmpt.org/libopenmpt/2023/06/18/security-updates-0.7.2-0.6.11-0.5.25-release-0.4.37/
- https://lib.openmpt.org/libopenmpt/2024/03/17/security-updates-0.7.5-0.6.14-0.5.28-0.4.40/
- https://lib.openmpt.org/libopenmpt/2024/03/24/security-updates-0.7.6-0.6.15-0.5.29-0.4.41/
- https://lib.openmpt.org/libopenmpt/2024/06/09/security-update-0.7.8-releases-0.6.17-0.5.31-0.4.43/
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:9 / libopenmpt
Package
- Name
- libopenmpt
- Purl
- pkg:rpm/mageia/libopenmpt?arch=source&distro=mageia-9