Null pointer dereference

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

DEBIAN-CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

CVE-2018-13440

The vulnerability is in audiofile (Audio File Library) 0.3.6: a NULL pointer dereference in ModuleState::setup (modules/ModuleState.cpp) allows denial of service via a crafted caf file (CVE-2018-13440). Attacks require no authentication and can be network-agnostic; impact is denial of service. Pu...

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

PT-2018-11825 · Audiofile +6 · Audio File Library +6

Name of the Vulnerable Software and Affected Versions: The audiofile Audio File Library version 0.3.6 Description: The issue is related to a NULL pointer dereference bug in the ModuleState::setup function, located in modules/ModuleState.cpp. This bug can be exploited by an attacker to cause a...

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

UBUNTU-CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

Stack overflow

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

DEBIAN-CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

Updated taglib packages fix security vulnerability

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file. CVE-2018-11439...

MGASA-2018-0300 Updated taglib packages fix security vulnerability

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file. CVE-2018-11439...

SUSE SLES11 Security Update : python (SUSE-SU-2018:1786-1)

This update for python fixes the following issues: The following security vulnerabilities were addressed : - Add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this, attackers could cause a denial of service via a crafted wav format audio file. bsc1083507,...

opensuse-security@xxxxxxxxxxxx</li> <li><span class="identifier"> Date</span>: Tue, 19 Jun 2018 12:07:49 +0200 (CEST)</li> <li><span class="identifier"> Message-id</span>: &lt;<a href="msg00036.html">[email protected]</a>&gt;</li> </ul> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> </div> <div class="body"> <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message--> openSUSE Security Update: Security update for aubio<br> ______________________________________________________________________________<br> <br> Announcement ID: openSUSE-SU-2018:1733-1<br> Rating: low<br> References: #1072317 <br> Cross-References: CVE-2017-17554<br> Affected Products:<br> openSUSE Leap 42.3<br> ______________________________________________________________________________<br> <br> An update that fixes one vulnerability is now available.<br> <br> Description:<br> <br> This update for aubio fixes the following security issue:<br> <br> - CVE-2017-17554: Prevent NULL pointer dereference in the function<br> aubio_source_avcodec_readframe which may have lead to DoS when playing a<br> crafted audio file (bsc#1072317).<br> <br> <br> Patch Instructions:<br> <br> To install this openSUSE Security Update use the SUSE recommended <br> installation methods<br> like YaST online_update or &quot;zypper patch&quot;.<br> <br> Alternatively you can run the command listed for your product:<br> <br> - openSUSE Leap 42.3:<br> <br> zypper in -t patch openSUSE-2018-651=1<br> <br> <br> <br> Package List:<br> <br> - openSUSE Leap 42.3 (i586 x86_64):<br> <br> aubio-debugsource-0.4.1-9.6.2<br> aubio-tools-0.4.1-9.6.2<br> aubio-tools-debuginfo-0.4.1-9.6.2<br> libaubio-devel-0.4.1-9.6.2<br> libaubio4-0.4.1-9.6.2<br> libaubio4-debuginfo-0.4.1-9.6.2<br> <br> - openSUSE Leap 42.3 (x86_64):<br> <br> libaubio4-32bit-0.4.1-9.6.2<br> libaubio4-debuginfo-32bit-0.4.1-9.6.2<br> <br> <br> References:<br> <br> <a rel="nofollow" href="https://www.suse.com/security/cve/CVE-2017-17554.html">https://www.suse.com/security/cve/CVE-2017-17554.html</a><br> <a rel="nofollow" href="https://bugzilla.suse.com/1072317">https://bugzilla.suse.com/1072317</a><br> <br> -- <br> To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx<br> For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx<br> <br> <!--X-Body-of-Message-End--> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!-- SwishCommand noindex --> </div> <table class="bodynav"> <tr> <td align="left"> &lt; Previous </td> <td align="right"> Next &gt; </td> </tr> </table> </div> <div class="visualClear"></div> </div> </div> </div> <div id="column-one"> <a name="indexes"></a> <div class="portlet" id="p-topnav"> <div class="pBody"> <ul> <li><a href="threads.html">Thread Index</a></li> <li><a href="author.html">Author Index</a></li> <li><a href="date.html">Date Index</a></li> <li><a href="all.html">All Messages</a></li> </ul> </div> </div> <div class="portlet" id="p-logo"> <a style="background-image: url(/skins/opensuse/opensuse.gif);" href="../" title="Back"></a> </div> <script type="text/javascript"> if (window.isMSIE55) fixalpha(); </script> <a name="search"></a> <div id="p-search" class="portlet" style="white-space: nowrap;"> <h5><label for="searchInput">Search this list</label> (Security update for aubio</h5> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <ul> <li><span class="identifier"> From</span>)

This update for aubio fixes the following security issue: - CVE-2017-17554: Prevent NULL pointer dereference in the function aubiosourceavcodecreadframe which may have lead to DoS when playing a crafted audio file bsc1072317...

openSUSE Security Update : aubio (openSUSE-2018-652)

This update for aubio fixes the following security issue : - CVE-2017-17554: Prevent NULL pointer dereference in the function aubiosourceavcodecreadframe which may have lead to DoS when playing a crafted audio file bsc1072317. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...