CVE-2020-22219

Published: 8/22/2023 Last updated: 10/3/2024 Reserved: 8/13/2020

Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-libflac

Products affected (1)

Product	Vendor	Version
n/a	n/a	< d9ccb18f83ea2bb654289b6ecf014fd267cc988b

References (8)

https://github.com/xiph/flac/issues/215
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZD2AJTU4PCJQP7HPTS2L2ELJWBASCRGD/
https://www.debian.org/security/2023/dsa-5500
https://lists.debian.org/debian-lts-announce/2023/09/msg00028.html
https://github.com/xiph/flac/issues/215
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZD2AJTU4PCJQP7HPTS2L2ELJWBASCRGD/
https://www.debian.org/security/2023/dsa-5500
https://lists.debian.org/debian-lts-announce/2023/09/msg00028.html