| Errata ID | 389 |
|---|---|
| Date | 2019-12-11 |
| Source package | libvpx |
| Fixed in version | 1.6.1-3+deb9u2 |
| Description | This update addresses the following issues: * In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation (CVE-2019-9232) * In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation (CVE-2019-9325) * In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation (CVE-2019-9433) |
| Additional notes | |
| CVE ID | CVE-2019-9232 CVE-2019-9325 CVE-2019-9433 |
| UCS Bug number | #50585 |
