vulnerability

Alpine Linux: CVE-2015-8792: libmatroska Out-of-bounds heap read in KaxInternalBlockReadData()

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Jan 29, 2016	Aug 30, 2017	Jan 29, 2019

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Jan 29, 2016

Added

Aug 30, 2017

Modified

Jan 29, 2019

Description

The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.

Solutions

alpine-linux-upgrade-libebmlalpine-linux-upgrade-libmatroska

References

ALPINE-5404
ALPINE-5405
ALPINE-5406
ALPINE-5407
CVE-2015-8792
https://attackerkb.com/topics/CVE-2015-8792
DEBIAN-DSA-3526

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report