Debian Security Advisory 5811-1

Debian Security Advisory 5811-1: Posted Nov 12, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5811-1 - An out-of-bounds write vulnerability when handling crafted streams was discovered in mpg123, a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3, which could result in the execution of arbitrary code.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2024-10573; SHA-256 | d8e041870369384cf1c57cd3b97f22c616a739f5c0a8d9d88154d1d723d68857; Download | Favorite | View

Debian Security Advisory 5811-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5811-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 11, 2024                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mpg123
CVE ID         : CVE-2024-10573
Debian Bug     : 1086443

An out-of-bounds write vulnerability when handling crafted streams was
discovered in mpg123, a real time MPEG 1.0/2.0/2.5 audio player/decoder
for layers 1, 2 and 3, which could result in the execution of arbitrary
code.

For the stable distribution (bookworm), this problem has been fixed in
version 1.31.2-1+deb12u1.

We recommend that you upgrade your mpg123 packages.

For the detailed security status of mpg123 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/mpg123

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmcyWeBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TeBA/6AxHGN840gcJbF44ZG9yPQetGT0x5l2JqY3xYWWdAdDRsDpduYrLT4JT1
3W0wuGjbuYkBM12iS07gNZzSHJCz8+/W4nIdp64qs2kNLvfRkyUJIweKiX+zhpTt
zstdx4Bj1y0xEVoPiCmHHwXwuo9UrAaThtJ6dY3k1wrS7pNiYg9KvedVBZSD7pVb
q2qckY0Sl5VD6a3Tlm3CoXg9b8rQmtO28ATYAAeZNod2HhhpwXX7z1Za2o0iEVWp
t3eghP/W9NBJFrbjXW+U0WuzKj4kaJBRIjPKZqaYG7SA184XOtFGgWzTPu/ee0+N
8H58n9US1boHMsTtq9F8z3lnAlbn1GYyEHVT79Lk6Je0PnzJvA0mG/ytIO4tJrpn
Gji3fCD/IC+yer+vDiXry3StB5FklzXBcdNnBvf+qaP+MOoRGqlPS5kBoKrD28Mm
Aa9b/7LZBjk90PisT45Wv6Ui4yLTcpMvPH+2x4VGafhNhv3jeu0ya1EuCj01Dwz0
IUSU+3hXXVLPhxfiHiWQlhR3tdrzBd8wkulLAHg0vVy0vZ2+TkmH+Q98zY05sngj
BE0C3lfUggu+snMRFXKpy3aSSVznx6W6KR0kUGnFPEMlwd3FkB8HTefPH9fWMn38
X41D8fm7+hgOYBaFgUftgLQrhXmlNjb6ZOb+WBz2rt95lNERH5M=
=HcPy
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 64 files
Debian 22 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,175)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,140)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,480)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,022)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

Debian Security Advisory 5811-1

Debian Security Advisory 5811-1

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5811-1

Share This

Debian Security Advisory 5811-1

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems