Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-32274

Опубликовано: 20 сент. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.8

Описание

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

2.10.1-1
esm-apps/bionic

released

2.8.8-1ubuntu0.1~esm1
esm-apps/focal

released

2.9.1-1ubuntu0.1
esm-apps/jammy

not-affected

2.10.0-2
esm-apps/noble

not-affected

2.10.1-1
esm-apps/xenial

released

2.8.0~cvs20150510-1ubuntu0.1+esm1
esm-infra-legacy/trusty

released

2.7-8+deb8u3ubuntu0.1~esm1
focal

released

2.9.1-1ubuntu0.1
hirsute

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
hirsute

ignored

end of life
impish

ignored

end of life
jammy

needs-triage

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 38%
0.00166
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2021-32274

CVSS3: 7.8
nvd
больше 4 лет назад

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.

debian логотип

CVE-2021-32274

CVSS3: 7.8
debian
больше 4 лет назад

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflo ...

github логотип

GHSA-4mc9-vgjj-p3v5

CVSS3: 7.8
github
больше 3 лет назад

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.

fstec логотип

BDU:2022-01814

CVSS3: 8.8
fstec
больше 5 лет назад

Уязвимость функции sbr_qmf_synthesis_64 компонента sbr_qmf.c аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 38%
0.00166
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3