Описание
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.0.28-4ubuntu0.18.04.1 |
| cosmic | released | 1.0.28-4ubuntu0.18.10.1 |
| devel | not-affected | 1.0.28-6 |
| disco | not-affected | 1.0.28-6 |
| eoan | not-affected | 1.0.28-6 |
| esm-infra-legacy/trusty | released | 1.0.25-7ubuntu2.2+esm1 |
| esm-infra/bionic | released | 1.0.28-4ubuntu0.18.04.1 |
| esm-infra/focal | not-affected | 1.0.28-6 |
| esm-infra/xenial | released | 1.0.25-10ubuntu0.16.04.2 |
| focal | not-affected | 1.0.28-6 |
Показывать по
EPSS
1.9 Low
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.
It was discovered the fix for CVE-2018-19758 (libsndfile) was not comp ...
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.
EPSS
1.9 Low
CVSS2
5.5 Medium
CVSS3