Описание
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max <= G case.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 2.8.8-3ubuntu3 |
| disco | ignored | end of life |
| eoan | not-affected | 2.8.8-3ubuntu3 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 2.8.8-3ubuntu3 |
| esm-apps/jammy | not-affected | 2.8.8-3ubuntu3 |
| esm-apps/noble | not-affected | 2.8.8-3ubuntu3 |
| esm-apps/xenial | needed |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max <= G case.
There is a stack-based buffer underflow in the third instance of the c ...
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max <= G case.
Уязвимость функции calculate_gain аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3