CNNVD-202602-175 Information

CNNVD ID

CNNVD-202602-175

Related CVE

CVE-2026-1766

• CNNVD Published: 2026-02-02

Description (Chinese)

GNOME localsearch MP3 Extractor是GNOME开源的一个MP3音频文件提取组件。 GNOME localsearch MP3 Extractor存在安全漏洞，该漏洞源于MP3 Extractor tracker-extract-mp3处理包含畸形ID3v2.3 COMM标签的特制MP3文件时存在堆缓冲区溢出，可能导致拒绝服务攻击或信息泄露。

Description (English)

GNOME localesearch MP3 Extractor is an MP3 audio extraction component of an open source for GNOME. There is a security loophole in GNOME localsearch MP3 Extractor, which stems from the spilling of buffers when MP3 Contractor tracker-extract-mp3 processes custom-made MP3 files containing deformity ID3v2.3 COMM labels, which may lead to denial of service attacks or information leaks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

GNOME

Published

2026-02-02

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2026-1766