Mageia: 2019-0045 High: Wavpack Denial Of Service Issues
mageia
January 23, 2019
Joonun Jang discovered that WavPack incorrectly handled certain RF64 files
Summary
Joonun Jang discovered that WavPack incorrectly handled certain RF64
files. An attacker could possibly use this to cause a denial of service
(CVE-2018-6767).
It was discovered that WavPack incorrectly handled certain DSDIFF files.
An attacker could possibly use this to execute arbitrary code or cause a
denial of service (CVE-2018-7253).
It was discovered that WavPack incorrectly handled certain CAF files. An
attacker could possibly use this to cause a denial of service
(CVE-2018-7254).
Thuan Pham, Marcel B?hme, Andrew Santosa and Alexandru Razvan Caciulescu
discovered that WavPack incorrectly handled certain .wav files. An
attacker could possibly use this to execute arbitrary code or cause a
denial of service (CVE-2018-10536, CVE-2018-10537).
Thuan Pham, Marcel B?hme, Andrew Santosa and Alexandru Razvan Caciulescu
discovered that WavPack incorrectly handled certain .wav files. An
attacker could possibly use this to cause a denial of service
(CVE-2018-10538, CVE-2018-10539, CVE-2018-...
References
- https://bugs.mageia.org/show_bug.cgi?id=22588
-
- https://ubuntu.com/security/notices/USN-3578-1
- https://ubuntu.com/security/notices/USN-3637-1
- https://ubuntu.com/security/notices/USN-3839-1
- https://www.cve.org/CVERecord?id=CVE-2018-6767
- https://www.cve.org/CVERecord?id=CVE-2018-7253
- https://www.cve.org/CVERecord?id=CVE-2018-7254
- https://www.cve.org/CVERecord?id=CVE-2018-10536
- https://www.cve.org/CVERecord?id=CVE-2018-10537
- https://www.cve.org/CVERecord?id=CVE-2018-10538
- https://www.cve.org/CVERecord?id=CVE-2018-10539
- https://www.cve.org/CVERecord?id=CVE-2018-10540
- https://www.cve.org/CVERecord?id=CVE-2018-19840
- https://www.cve.org/CVERecord?id=CVE-2018-19841
Topics Covered
Resolution
SRPMS
- 6/core/wavpack-5.1.0-1.1.mga6
PREVIOUS
NEXT
Publication date: 23 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0045.html
Type: security
CVE: CVE-2018-6767,
CVE-2018-7253,
CVE-2018-7254,
CVE-2018-10536,
CVE-2018-10537,
CVE-2018-10538,
CVE-2018-10539,
CVE-2018-10540,
CVE-2018-19840,
CVE-2018-19841
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!