bchunk -- heap-based buffer overflow (with invalid free) and crash

2017-10-28T00:00:00
ID 8BA2819C-0E9D-11E8-83E7-485B3931C969
Type freebsd
Reporter FreeBSD
Modified 2017-10-28T00:00:00

Description

Mitre reports:

bchunk 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.