EUVD-2017-17331

Malware in sbrugna...

DEBIAN-CVE-2017-8373

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-8372

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...

ALPINE-CVE-2017-8372

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...

Heap overflow

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

DEBIAN-CVE-2017-8374

The madbitskip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...

Code injection

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...

CVE-2017-8372

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...

CVE-2017-8372

CVE-2017-8372 affects Underbit MAD libmad 0.15.1b: the mad_layer_III function in layer3.c can trigger an assertion failure and application exit (DoS) when NDEBUG is omitted and a crafted audio file is processed. Connected advisories note multiple vendor patches (e.g., Debian DLA-1380-1; SUSE/SUSE...

CVE-2017-8373

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-8373

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-8372

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...

CVE-2017-8374

The madbitskip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...

CVE-2017-8373

CVE-2017-8373 affects Underbit MAD libmad 0.15.1b; the mad_layer_III function in layer3.c can be exploited by a crafted audio file to trigger a heap-based buffer overflow and crash the application (remote exploit possibility). Several advisories (SUSE, Debian, FreeBSD, Fedora) note this issue and...

CVE-2017-8374

The madbitskip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...

CVE-2017-8374

CVE-2017-8374 affects libmad (Underbit MAD) via the mad_bit_skip function in bit.c, where a crafted audio file can cause a heap-based buffer over-read and application crash. Connected advisories show the issue being fixed in libmad updates across distributions: openSUSE openSUSE-2018-205 notes a ...