CVE-2017-6888

Опубликовано: 25 апр. 2018

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

CVSS3: 5.5

Описание

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
eoan	DNE
esm-apps/xenial	ignored	in multiverse
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
esm-infra/focal	DNE
focal	DNE

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	code not present
cosmic	not-affected	code not present
devel	not-affected	code not present
disco	not-affected	code not present
eoan	not-affected	code not present
esm-apps/noble	not-affected	code not present
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [code not present]]
esm-infra/focal	DNE	focal was not-affected [code not present]
focal	not-affected	code not present

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	released	1.3.2-1ubuntu0.1
cosmic	ignored	end of life
devel	not-affected	1.3.4-2
disco	not-affected	1.3.2-3
eoan	ignored	end of life
esm-infra-legacy/trusty	released	1.3.0-2ubuntu0.14.04.1+esm1
esm-infra/bionic	released	1.3.2-1ubuntu0.1
esm-infra/focal	not-affected	1.3.3-1build1
esm-infra/xenial	released	1.3.1-4ubuntu0.1~esm1

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	uses system libflac
cosmic	not-affected	uses system libflac
devel	not-affected	uses system libflac
disco	not-affected	uses system libflac
eoan	not-affected	uses system libflac
esm-apps/bionic	not-affected	uses system libflac
esm-apps/focal	not-affected	uses system libflac
esm-apps/jammy	not-affected	uses system libflac
esm-apps/noble	not-affected	uses system libflac

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
eoan	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]]
esm-infra/focal	DNE
esm-infra/xenial	ignored	Ubuntu touch end-of-life
focal	DNE

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	ignored	end of standard support, was needs-triage
cosmic	ignored	end of life
devel	needs-triage
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 63%

0.00445

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2017-6888

CVSS3: 4.3

redhat

больше 8 лет назад

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

CVE-2017-6888

CVSS3: 5.5

nvd

почти 8 лет назад

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

CVE-2017-6888

CVSS3: 5.5

debian

почти 8 лет назад

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC ...

openSUSE-SU-2019:1225-1

suse-cvrf

почти 7 лет назад

Security update for flac

openSUSE-SU-2018:1120-1

suse-cvrf

почти 8 лет назад

Security update for flac

EPSS

Процентиль: 63%

0.00445

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2017-6888

Описание

Пакет android

Пакет chromium-browser

Пакет flac

Пакет mame

Пакет oxide-qt

Пакет praat

Ссылки на источники

Связанные уязвимости