In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
28 Dec 2023, 15:58
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* |
|
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZPG27YKICLIWUFOPVUOAFAZGOX4BNHY/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTETOUJNRR75REYJZTBGF6TAJZYTMXUY/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4JXZ6QAMA3TSRY6GUZRY3WTHR7P5TPH/ - Mailing List | |
References | () https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html - Mailing List | |
First Time |
Debian
Debian debian Linux Fedoraproject fedora Fedoraproject |
22 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Nov 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2022-02-24 15:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-24599
Mitre link : CVE-2022-24599
CVE.ORG link : CVE-2022-24599
JSON object : View
Products Affected
fedoraproject
- fedora
debian
- debian_linux
audio_file_library_project
- audio_file_library
CWE
CWE-401
Missing Release of Memory after Effective Lifetime