PT-2017-14852 · Aubio+1 · Aubio+1

Publicado

2017-12-12

Atualizado

2022-05-14

CVE-2017-17554

CVSS v4.0

6.8

Média

Vetor

AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions aubio version 0.4.6

Description A NULL pointer dereference issue was found in the aubio source avcodec readframe function, which may lead to a denial of service (DoS) when playing a crafted audio file. This issue is related to the file io/source avcodec.c.

Recommendations For aubio version 0.4.6, consider disabling the aubio source avcodec readframe function until a patch is available to prevent potential DoS attacks when playing crafted audio files.

Correção

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

CVE-2017-17554

GHSA-45H5-CQQW-9RJW

MGASA-2019-0016

OPENSUSE-SU-2018_1733-1

OPENSUSE-SU-2018_1734-1

OPENSUSE-SU-2024:10638-1

PYSEC-2017-76

Produtos afetados

Suse

Aubio

PT-2017-14852 · Aubio+1 · Aubio+1

CVE-2017-17554

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 23