Package: libebml | Debian Sources

Package: libebml / 1.4.4-1+deb12u1

Metadata

Package	Version	Patches format
libebml	1.4.4-1+deb12u1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
CVE 2023 52339.patch \| (download)	src/MemIOCallback.cpp \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	[patch] memiocallback: fix buffer overflow when reading too much data If the addition of 2 positive values is smaller than one of the values then we have an overflowing addition. In this case that means we are trying to read more data that is actually in our buffer. So we can use the same mechanism as reading too much data. (cherry picked from commit 4d577f5c3e267b2988d56dafebc82dedb4c45506) Signed-off-by: Steve Lhomme <slhomme@matroska.org>

Patch

File delta

Description

CVE 2023 52339.patch | (download)

src/MemIOCallback.cpp | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 [patch] memiocallback: fix buffer overflow when reading too much data

If the addition of 2 positive values is smaller than one of the values then we
have an overflowing addition.

In this case that means we are trying to read more data that is actually in
our buffer. So we can use the same mechanism as reading too much data.

(cherry picked from commit 4d577f5c3e267b2988d56dafebc82dedb4c45506)
Signed-off-by: Steve Lhomme <slhomme@matroska.org>