CVE-2017-18201

Опубликовано: 27 фев. 2018

Источник: redhat

CVSS3: 2.8

EPSS Низкий

Описание

An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

A double-free flaw was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libcdio	Not affected
Red Hat Enterprise Linux 8	libcdio	Not affected
Red Hat Enterprise Linux 7	libcdio	Fixed	RHSA-2018:3246	30.10.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=1549707libcdio: Double free in get_cdtext_generic() in lib/driver/_cdio_generic.c

EPSS

Процентиль: 63%

0.00448

Низкий

2.8 Low

CVSS3

Связанные уязвимости

CVE-2017-18201

CVSS3: 9.8

ubuntu

больше 7 лет назад

An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

CVE-2017-18201

CVSS3: 9.8

nvd

больше 7 лет назад

An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

CVE-2017-18201

CVSS3: 9.8

debian

больше 7 лет назад

An issue was discovered in GNU libcdio before 2.0.0. There is a double ...

SUSE-SU-2018:0673-1

suse-cvrf

больше 7 лет назад

Security update for libcdio

GHSA-8qcw-8m67-996h

CVSS3: 9.8

github

больше 3 лет назад

An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

EPSS

Процентиль: 63%

0.00448

Низкий

2.8 Low

CVSS3