Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-17446

Опубликовано: 06 дек. 2017
Источник: debian

Описание

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
game-music-emufixed0.6.2-1package
game-music-emuno-dsastretchpackage
game-music-emuno-dsajessiepackage
game-music-emuno-dsawheezypackage

Примечания

  • https://bitbucket.org/mpyne/game-music-emu/issues/14/addresssanitizer-negative-size-param-size

  • Patch: https://bitbucket.org/mpyne/game-music-emu/commits/205290614cdc057541b26adeea05a9d45993f860

  • Additional hardening: https://bitbucket.org/mpyne/game-music-emu/commits/4a441e94cba14268bc4e983d4dfd6ed112084d00

Связанные уязвимости

ubuntu логотип

CVE-2017-17446

CVSS3: 6.5
ubuntu
около 8 лет назад

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

nvd логотип

CVE-2017-17446

CVSS3: 6.5
nvd
около 8 лет назад

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

github логотип

GHSA-pwfg-g35m-wrcw

CVSS3: 6.5
github
больше 3 лет назад

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.