A buffer overflow in BladeEnc might allow arbitrary code execution.
Package | media-sound/bladeenc on all architectures |
---|---|
Affected versions | < 0.94.2-r1 |
Unaffected versions |
BladeEnc is an mp3 encoder.
A crafted file could cause a buffer overflow in the iteration_loop function in BladeEnc.
A remote attacker could entice a user to open a specially crafted using BladeEnc, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
Gentoo has discontinued support for BladeEnc. We recommend that users unmerge it:
# emerge --ask --depclean "media-sound/bladeenc"
NOTE: The Gentoo developer(s) maintaining BladeEnc have discontinued support at this time. It may be possible that a new Gentoo developer will update BladeEnc at a later date. We do not have a suggestion for a replacement at this time.
Release date
July 08, 2021
Latest revision
July 08, 2021: 1
Severity
normal
Exploitable
remote
Bugzilla entries