---

CVE-2021-0561 - log back

CVE-2021-0561 edited at 06 Apr 2022 19:14:57
References	https://source.android.com/security/bulletin/pixel/2021-06-01 https://github.com/xiph/flac/issues/243 https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f%5E%21/ + https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be + https://github.com/xiph/flac/pull/259 + https://github.com/xiph/flac/releases/tag/1.3.4

CVE-2021-0561 edited at 22 Jun 2021 13:15:57
References	https://source.android.com/security/bulletin/pixel/2021-06-01 + https://github.com/xiph/flac/issues/243 https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f%5E%21/

CVE-2021-0561 edited at 22 Jun 2021 13:09:14
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Information disclosure
Description	+ In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References	+ https://source.android.com/security/bulletin/pixel/2021-06-01 + https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f%5E%21/
Notes

CVE-2021-0561 created at 22 Jun 2021 13:07:07