Unrated severityNVD Advisory· Published Oct 3, 2019· Updated Aug 5, 2024
CVE-2019-17113
CVE-2019-17113
Description
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- libopenmpt/libopenmptdescription
- Range: <0.3.19, >=0.4.0 <0.4.9
- osv-coords4 versionspkg:rpm/opensuse/libopenmpt&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/libopenmpt&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/libopenmpt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/libopenmpt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1
< 0.3.19-lp150.10.1+ 3 more
- (no CPE)range: < 0.3.19-lp150.10.1
- (no CPE)range: < 0.3.19-lp151.2.6.1
- (no CPE)range: < 0.3.19-2.10.1
- (no CPE)range: < 0.3.19-2.10.1
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2019-10/msg00035.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2019-10/msg00044.htmlmitrevendor-advisoryx_refsource_SUSE
- www.debian.org/security/2020/dsa-4729mitrevendor-advisoryx_refsource_DEBIAN
- github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabemitrex_refsource_MISC
- github.com/OpenMPT/openmpt/compare/libopenmpt-0.3.18...libopenmpt-0.3.19mitrex_refsource_MISC
- github.com/OpenMPT/openmpt/compare/libopenmpt-0.4.8...libopenmpt-0.4.9mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2020/08/msg00003.htmlmitremailing-listx_refsource_MLIST
- source.openmpt.org/browse/openmpt/trunk/OpenMPT/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.