Moritz Bunkus

#26642 of 53,632
9.6 Total CVSS
Vulnerabilities · 2
Medium
2
PT-2016-4021
4.3
2016-01-29
Matroska · Libebml · CVE-2015-8791
**Name of the Vulnerable Software and Affected Versions** libEBML versions prior to 1.3.3
**Description** The issue allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. This occurs in the EbmlElement::ReadCodedSizeValue function.
**Recommendations** For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue.
PT-2016-4022
5.3
2016-01-29
Matroska · Libmatroska · CVE-2015-8792
**Name of the Vulnerable Software and Affected Versions** libMatroska versions prior to 1.4.4
**Description** The issue allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. This is due to a problem in the KaxInternalBlock::ReadData function.
**Recommendations** For versions prior to 1.4.4, update to version 1.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the KaxInternalBlock::ReadData function until a patch is available.