CVE-2017-18246

Name of the Vulnerable Software and Affected Versions: Libav version 12.2

Description: The issue allows remote attackers to cause a denial of service, specifically a heap-based buffer over-read, by providing a crafted media file. This is due to a problem in the pcm encode frame function located in libavcodec/pcm.c.

Recommendations: For Libav version 12.2, consider applying a patch or fix that addresses the issue in the pcm encode frame function to prevent the heap-based buffer over-read. As a temporary workaround, consider restricting the processing of crafted media files until a patch is available.