Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-20198

Опубликовано: 18 дек. 2018
Источник: debian

Описание

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the LONG_START_SEQUENCE case.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
faad2fixed2.8.8-2package

Примечания

  • https://github.com/knik0/faad2/issues/23

  • same underlying issue as CVE-2018-20362, same fix:

  • https://github.com/knik0/faad2/commit/466b01d504d7e45

Связанные уязвимости

ubuntu логотип

CVE-2018-20198

CVSS3: 5.5
ubuntu
около 7 лет назад

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the LONG_START_SEQUENCE case.

nvd логотип

CVE-2018-20198

CVSS3: 5.5
nvd
около 7 лет назад

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the LONG_START_SEQUENCE case.

github логотип

GHSA-xrvj-fcp5-3rm2

CVSS3: 5.5
github
больше 3 лет назад

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the LONG_START_SEQUENCE case.

fstec логотип

BDU:2019-03602

CVSS3: 5.5
fstec
около 7 лет назад

Уязвимость функции ifilter_bank аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании