| Fixing_vulnerabilities |
| 0 |
| url |
VCID-1ar6-muj2-jbdu |
| vulnerability_id |
VCID-1ar6-muj2-jbdu |
| summary |
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-2122
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1ar6-muj2-jbdu |
|
| 1 |
| url |
VCID-3em5-gbpa-wkft |
| vulnerability_id |
VCID-3em5-gbpa-wkft |
| summary |
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1923
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3em5-gbpa-wkft |
|
| 2 |
| url |
VCID-k4gv-4sws-uycd |
| vulnerability_id |
VCID-k4gv-4sws-uycd |
| summary |
DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1924
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k4gv-4sws-uycd |
|
| 3 |
| url |
VCID-kxr4-s4e5-jfab |
| vulnerability_id |
VCID-kxr4-s4e5-jfab |
| summary |
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1921
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kxr4-s4e5-jfab |
|
| 4 |
| url |
VCID-s7qg-sphe-nkbs |
| vulnerability_id |
VCID-s7qg-sphe-nkbs |
| summary |
DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1922
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s7qg-sphe-nkbs |
|
| 5 |
| url |
VCID-y59d-6zuw-5ugc |
| vulnerability_id |
VCID-y59d-6zuw-5ugc |
| summary |
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1925
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y59d-6zuw-5ugc |
|
| 6 |
| url |
VCID-zfbj-u932-y7cx |
| vulnerability_id |
VCID-zfbj-u932-y7cx |
| summary |
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1920
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zfbj-u932-y7cx |
|
|
|---|