9 matches found

RedHat Linux
added 2018/10/30 8:44 a.m. · 1 view

libcdio: NULL pointer dereference in realloc_symlink in rock.c

A NULL pointer dereference flaw was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files...

CVSS 6.5 · AI score 5.8 · EPSS 0.02406
Exploits: 1 · References: 4

OPENSUSE Linux
added 2018/08/10 3:15 a.m. · 93 views

Security update for libcdio (low)

This update for libcdio fixes the following issues: The following security vulnerabilities were addressed:
- CVE-2017-18199: Fixed a NULL pointer dereference in realloc_symlink in rock.c (bsc#1082821)
- CVE-2017-18201: Fixed a double free vulnerability in get_cdtext_generic in _cdio_generic.c (bsc#1082877) ...

CVSS 7.5 · AI score 1 · EPSS 0.02406
Exploits: 1 · References: 2

NVD
added 2018/02/24 6:29 a.m. · 10 views

CVE-2017-18199

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted iso file...

CVSS 6.5 · AI score 7.1 · EPSS 0.02406
Exploits: 1 · References: 4

UbuntuCve
added 2018/02/24 6:29 a.m. · 16 views

CVE-2017-18199

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted iso file...

CVSS 6.5 · AI score 6.8 · EPSS 0.02406
Exploits: 1 · References: 4

CVE
added 2018/02/24 6:0 a.m. · 85 views

CVE-2017-18199

CVE-2017-18199 affects libcdio (GNU) via realloc_symlink in rock.c. A NULL pointer dereference can be triggered by processing a crafted ISO file, enabling remote denial of service. The vulnerability is present in libcdio versions before 1.0.0. Remediation: upgrade to libcdio 1.0.0 or newer (vendo...

CVSS 6.5 · AI score 7 · EPSS 0.02406
Exploits: 1 · References: 4 · Affected Software: 1

CNVD
added 2018/02/24 12:0 a.m. · 1 view

GNU libcdio Denial of Service Vulnerability

GNU libcdio is a CD-ROM input and control library that contains a library of functions for accessing CD-ROMs and CD images. A security vulnerability exists in the 'realloc_symlink' function of the rock.c file in GNU libcdio versions prior to 1.0.0. A remote attacker can exploit this vulnerability ...

CVSS 6.5 · AI score 6.8 · EPSS 0.02406
Exploits: 1 · References: 1

Positive Technologies
added 2018/01/18 12:0 a.m. · 2 views

PT-2018-3810 · Gnu +5 · Gnu Libcdio +5

Name of the Vulnerable Software and Affected Versions: GNU libcdio versions prior to 1.0.0
Description: The issue is related to the realloc_symlink function in rock.c and is associated with pointer dereference errors. It can be exploited by remote attackers to cause a denial of service...

CVSS 9.8 · AI score 7.6 · EPSS 0.02406
Exploits: 1 · References: 52

CNVD
added 2015/01/15 12:0 a.m. · 1 view

Linux kernel 'fs/isofs/rock.c' local information disclosure vulnerability

The Linux kernel is the kernel used by the open source operating system Linux. Linux kernel suffers from an information disclosure vulnerability that allows local users to obtain sensitive information from kernel memory via a carefully crafted iso9660 image...

CVSS 2.1 · AI score 5.8 · EPSS 0.0013
Exploits: 0 · References: 1

CVE
added 2015/01/09 9:0 p.m. · 166 views

CVE-2014-9584

CVE-2014-9584 affects the Linux kernel where the function parse_rock_ridge_inode_internal in fs/isofs/rock.c does not validate a length value in the ER System Use Field, enabling local users to obtain sensitive kernel memory via a crafted iso9660 image. This vulnerability exists in kernels before...

CVSS 2.1 · AI score 4.5 · EPSS 0.0013
Exploits: 0 · References: 27 · Affected Software: 1