CVE-2024-36600
Published: 14 June 2024
Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libcdio Launchpad, Ubuntu, Debian |
bionic |
Released
(1.0.0-2ubuntu2+esm2)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
| focal |
Released
(2.0.0-2ubuntu0.2)
|
|
| jammy |
Released
(2.1.0-3ubuntu0.2)
|
|
| mantic |
Released
(2.1.0-4ubuntu0.2)
|
|
| noble |
Released
(2.1.0-4.1ubuntu1.2)
|
|
| trusty |
Released
(0.83-4.1ubuntu1+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
| upstream |
Released
(2.1.1.dev0)
|
|
| xenial |
Released
(0.83-4.2ubuntu1+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
References
- https://www.cve.org/CVERecord?id=CVE-2024-36600
- https://github.com/gashasbi/My-Reports/tree/main/CVE-2024-36600
- https://lists.gnu.org/archive/html/libcdio-devel/2024-04/msg00000.html
- https://lists.gnu.org/archive/html/libcdio-devel/2024-05/msg00005.html
- https://ubuntu.com/security/notices/USN-6855-1
- NVD
- Launchpad
- Debian