Lucene search
ArchLinuxASA-201710-11HistoryOct 09, 2017 - 12:00 a.m.
[ASA-201710-11] lame: denial of service
2017-10-0900:00:00
security.archlinux.org
7
0.001 Low
EPSS
Percentile
23.8%
Arch Linux Security Advisory ASA-201710-11
Severity: Low
Date : 2017-10-09
CVE-ID : CVE-2017-15018
Package : lame
Type : denial of service
Remote : No
Link : https://security.archlinux.org/AVG-437
Summary
The package lame before version 3.99.5-4 is vulnerable to denial of
service.
Resolution
Upgrade to 3.99.5-4.
pacman -Syu “lame>=3.99.5-4”
The problem has been fixed upstream but no release is available yet.
Workaround
None.
Description
A heap-based buffer over-read vulnerability has been discovered in LAME
3.99.5 in the k_34_4 function in vbrquantize.c while handling a
malformed file.
Impact
An attacker is able to crash the application by tricking the user into
processing a specially crafted file.
References
https://bugs.archlinux.org/task/55889
https://sourceforge.net/p/lame/bugs/480/
https://security.archlinux.org/CVE-2017-15018
Related
ubuntucve
ubuntucve
CVE-2017-15018
2017-10-05 00:00:00
cvelist
cvelist
CVE-2017-15018
2017-10-04 07:00:00
debiancve
debiancve
CVE-2017-15018
2017-10-05 01:29:00
cve
cve
CVE-2017-15018
2017-10-05 01:29:00
prion
prion
Heap overflow
2017-10-05 01:29:00
fedora
fedora
[SECURITY] Fedora 25 Update: lame-3.100-1.fc25
2017-11-15 22:30:13
[SECURITY] Fedora 27 Update: lame-3.100-1.fc27
2017-11-11 13:48:08
[SECURITY] Fedora 26 Update: lame-3.100-1.fc26
2017-11-01 00:13:29
openvas
openvas
Fedora Update for lame FEDORA-2017-38830f1443
2017-11-23 00:00:00
Ubuntu: Security Advisory (USN-4780-1)
2023-01-27 00:00:00
Fedora Update for lame FEDORA-2017-9c29af2c64
2017-11-02 00:00:00
ubuntu
ubuntu
LAME vulnerabilities
2022-08-29 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : LAME vulnerabilities (USN-4780-1)
2023-10-23 00:00:00
osv
osv
lame vulnerabilities
2022-08-29 23:06:31