Your submission was sent successfully! Close

CVE-2021-0561

Published: 22 June 2021

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
flac
Launchpad, Ubuntu, Debian
bionic
Released (1.3.2-1ubuntu0.1)
focal
Released (1.3.3-1ubuntu0.1)
impish Ignored
(reached end-of-life)
jammy
Released (1.3.3-2ubuntu0.1)
kinetic Not vulnerable
(1.3.4-2)
trusty
Released (1.3.0-2ubuntu0.14.04.1+esm1)
upstream
Released (1.3.4-1, 1.3.4)
xenial
Released (1.3.1-4ubuntu0.1~esm1)
Patches:
upstream: https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be