PT-2020-13357 · Kde+1 · Amarok+1
R00Texpl0It
·
Published
2020-05-20
·
Updated
2022-04-28
·
CVE-2020-13152
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Amarok version 2.8.0
Description
A remote user can create a specially crafted M3U file, a media playlist file, that when loaded by the target user, will trigger a memory leak. This memory leak causes Amarok to continue wasting resources over time, eventually allowing attackers to cause a denial of service.
Recommendations
For Amarok version 2.8.0, consider disabling the loading of M3U files until a patch is available to prevent the memory leak and potential denial of service.
Exploit
Fix
DoS
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amarok
Debian