Read Time:26 Second

FEDORA-2025-23e4aeeb91

Packages in this update:

libxmp-4.6.1-2.fc41

Update description:

Latest upstream release. Changelog:

Fixes:

CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbis_deinit()
CVE-2023-45680: Null pointer dereference in vorbis_deinit()
CVE-2023-45681: Out of bounds heap buffer write
CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder()
CVE-2023-45677: Heap buffer out of bounds write in start_decoder()
CVE-2023-45682: Wild address read in vorbis_decode_packet_rest()

More Stories

USN-7187-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

January 6, 2025

USN-7186-1: Linux kernel (Intel IoTG) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

January 6, 2025

USN-7179-2: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

January 6, 2025

USN-7185-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A...

January 6, 2025

USN-7184-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A...

January 6, 2025

USN-7183-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

January 6, 2025