CVE-2024-36600
Published: 14 June 2024
Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.
Priority
Status
Package | Release | Status |
---|---|---|
libcdio Launchpad, Ubuntu, Debian |
bionic |
Released
(1.0.0-2ubuntu2+esm2)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
focal |
Released
(2.0.0-2ubuntu0.2)
|
|
jammy |
Released
(2.1.0-3ubuntu0.2)
|
|
mantic |
Released
(2.1.0-4ubuntu0.2)
|
|
noble |
Released
(2.1.0-4.1ubuntu1.2)
|
|
trusty |
Released
(0.83-4.1ubuntu1+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Released
(2.1.1.dev0)
|
|
xenial |
Released
(0.83-4.2ubuntu1+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
References
- https://www.cve.org/CVERecord?id=CVE-2024-36600
- https://github.com/gashasbi/My-Reports/tree/main/CVE-2024-36600
- https://lists.gnu.org/archive/html/libcdio-devel/2024-04/msg00000.html
- https://lists.gnu.org/archive/html/libcdio-devel/2024-05/msg00005.html
- https://ubuntu.com/security/notices/USN-6855-1
- NVD
- Launchpad
- Debian