A buffer overflow in BladeEnc might allow arbitrary code execution.
|Package||media-sound/bladeenc on all architectures|
|Affected versions||< 0.94.2-r1|
BladeEnc is an mp3 encoder.
A crafted file could cause a buffer overflow in the iteration_loop function in BladeEnc.
A remote attacker could entice a user to open a specially crafted using BladeEnc, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
Gentoo has discontinued support for BladeEnc. We recommend that users unmerge it:
# emerge --ask --depclean "media-sound/bladeenc"
NOTE: The Gentoo developer(s) maintaining BladeEnc have discontinued support at this time. It may be possible that a new Gentoo developer will update BladeEnc at a later date. We do not have a suggestion for a replacement at this time.
July 08, 2021
July 08, 2021: 1