The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libmatroska-dev", "binary_version": "1.4.1-2+deb8u1build0.14.04.1" }, { "binary_name": "libmatroska6", "binary_version": "1.4.1-2+deb8u1build0.14.04.1" }, { "binary_name": "libmatroska6-dbgsym", "binary_version": "1.4.1-2+deb8u1build0.14.04.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libmatroska-dev", "binary_version": "1.4.4-1" }, { "binary_name": "libmatroska6v5", "binary_version": "1.4.4-1" }, { "binary_name": "libmatroska6v5-dbgsym", "binary_version": "1.4.4-1" } ] }