Rashin lahani huɗu a cikin masu sarrafa tsarin OGG, AV1, FAAD, ASF ana haifar da su ta hanyar ikon karanta bayanai daga wuraren ƙwaƙwalwar ajiya a waje da abin da aka keɓe. Matsaloli guda uku suna haifar da NULL ɓarkewar ma'ana a cikin dvdnav, ASF da AVI format unpackers. Rashin lahani ɗaya yana ba da damar adadin lamba a cikin na'urar ragewa MP4.
Matsala tare da buɗaɗɗen tsarin OGG (CVE-2019-14438)
Hakanan akwai rauni (CVE-2019-14533) a cikin tsarin unpacker na ASF, wanda ke ba ku damar rubuta bayanai zuwa yankin ƙwaƙwalwar ajiya da aka rigaya kuma ku cimma aiwatar da lambar yayin yin aikin gungurawa gaba ko baya akan tsarin lokaci yayin sake kunnawa na WMV kuma WMA fayiloli. Bugu da ƙari, matsalolin CVE-2019-13602 (labarin lamba) da CVE-2019-13962 (karantawa daga wani yanki a waje da buffer) an sanya su cikin haɗari mai mahimmanci (8.8 da 9.8), amma masu haɓaka VLC ba su yarda ba kuma la'akari da waɗannan raunin da ba su da haɗari (suna ba da shawarar canza matakin zuwa 4.3).
gyare-gyaren da ba na tsaro ba sun haɗa da gyaran stuttering lokacin kallon bidiyo a ƙananan ƙananan ƙira, haɓaka tallafi don daidaitawa mai daidaitawa (ingantattun lambar buffering), warware matsaloli tare da ma'anar fassarar WebVTT, inganta fitarwar sauti akan dandamali na macOS da iOS, sabunta rubutun don saukewa daga Youtube, Magance batutuwa tare da ba da damar Direct3D11 don amfani da haɓaka kayan aiki akan tsarin tare da wasu direbobin AMD.
source: budenet.ru