CVE-2017-18199

Опубликовано: 24 фев. 2018

Источник: debian

EPSS Низкий

Описание

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libcdio	fixed	1.0.0-1		package
libcdio	ignored		stretch	package
libcdio	no-dsa		jessie	package
libcdio	no-dsa		wheezy	package

Примечания

https://savannah.gnu.org/bugs/?52264

EPSS

Процентиль: 85%

0.02406

Низкий

Связанные уязвимости

CVE-2017-18199

CVSS3: 6.5

ubuntu

почти 8 лет назад

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

CVE-2017-18199

CVSS3: 2.8

redhat

почти 8 лет назад

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

CVE-2017-18199

CVSS3: 6.5

nvd

почти 8 лет назад

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

SUSE-SU-2020:3023-1

suse-cvrf

больше 5 лет назад

Security update for libcdio

SUSE-SU-2020:14498-1

suse-cvrf

больше 5 лет назад

Security update for libcdio

EPSS

Процентиль: 85%

0.02406

Низкий