PT-2024-2547 · Libebml+3

00Xc

Published: 2024-01-11 · Updated: 2025-01-28 · CVE-2023-52339

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: libebml versions prior to 1.4.5

Description: The issue is related to an integer overflow in the MemIOCallback.cpp file of the libebml library. This overflow can occur during reading or writing operations and may result in buffer overflows. The vulnerability can be exploited by a remote attacker to cause a denial of service.

Recommendations: For versions prior to 1.4.5, update to version 1.4.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the MemIOCallback.cpp file or limiting the operations that can be performed on it until a patch is applied.

Exploit

Fix

Integer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2024-1365
ALT-PU-2024-1573
ALT-PU-2024-1721
ALT-PU-2024-8908
BDU:2024-02535
CVE-2023-52339
DLA-4023-1
OPENSUSE-SU-2024:13588-1
ROSA-SA-2024-2522
ROSA-SA-2025-2652

Affected Products

Alt Linux
Astra Linux
Red Os
Libebml