Debian 10: DLA-1038-2 Severe: Libpng Memory Corruption Vulnerability
debian lts
May 28, 2017
CVE-2017-8361 The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and
Topics Covered
Summary
CVE-2017-8361
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted audio file.
CVE-2017-8362
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (invalid read and
application crash) via a crafted audio file.
CVE-2017-8363
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (heap-based buffer
over-read and application crash) via a crafted audio file.
CVE-2017-8365
The i2les_array function in pcm.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (buffer over-read
and application crash) via a crafted audio file.
For Debian 7 "Wheezy", these problems have been fixed in version
1.0.25-9.1+deb7u2.
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: libsndfile
Version: 1.0.25-9.1+deb7u2
CVE ID: CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!