USN-5937-1: Opusfile vulnerability
8 March 2023
Opusfile could be made to crash if it received specially crafted input.
- opusfile - debugging symbols for libopusfile
It was discovered that Opusfile was not properly validating pointer
arguments in some of its functions, which could lead to a NULL pointer
dereference. An attacker could possibly use this issue to cause a denial
of service or have other unspecified impacts.
The problem can be corrected by updating your system to the following package versions:
- libopusfile0 - 0.9+20170913-1.1ubuntu0.1~esm1
- libopusfile0 - 0.9+20170913-1ubuntu0.20.04.1~esm1
- libopusfile0 - 0.9+20170913-1ubuntu0.18.04.1~esm1
- libopusfile0 - 0.7-1ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.