CVE-2017-11367
CVE-2017-11367 affects the shoco C library’s shoco_decompress function in the API (up to 2017-07-17). A malformed compressed input can trigger a buffer over-read, causing a remote DoS and application crash. Public reports document a global-buffer-overflow symptom and a user-space crash (example s...