
Debian LTS DLA-1899-1 Moderate: faad2 Denial Of Service

August 28, 2019
Update faad2 to address a variety of security flaws in its handling of audio data.
Summary

Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder:

CVE-2018-19502

Heap buffer overflow in the function excluded_channels (libfaad/syntax.c).
This vulnerability might allow remote attackers to cause denial of service
via crafted MPEG AAC data.

CVE-2018-20196

Stack buffer overflow in the function calculate_gain (libfaad/br_hfadj.c).
This vulnerability might allow remote attackers to cause denial of service
or any unspecified impact via crafted MPEG AAC data.

CVE-2018-20199
CVE-2018-20360

NULL pointer dereference in the function ifilter_bank (libfaad/filtbank.c).
This vulnerability might allow remote attackers to cause denial of service
via crafted MPEG AAC data.

CVE-2019-6956

Global buffer overflow in the function ps_mix_phase (libfaad/ps_dec.c).
This vulnerability might allow remote attackers to cause denial of service
or any other unspecified impact via crafted MPEG AAC data.

CVE-2019-15296

Buffer overflow in the function faad_resetbits (libfaad/bits.c). This



Package: faad2
Version: 2.7-8+deb8u3
CVE ID: CVE-2018-19502 CVE-2018-20196 CVE-2018-20199 CVE-2018-20360
Debian Bug: 914641
