vulnerability

Alpine Linux: CVE-2015-8791: libebml Several vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Jan 29, 2016

Added

Aug 30, 2017

Modified

Oct 30, 2017

Description

The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.

Solution

alpine-linux-upgrade-libebml

References

ALPINE-5398
ALPINE-5399
ALPINE-5400
ALPINE-5401
CVE-2015-8791
https://attackerkb.com/topics/CVE-2015-8791
DEBIAN-DSA-3538

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report