SUSE CVE-2017-13712

🗓️ 15 Feb 2023 04:40:20Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

SUSE 13712: NULL pointer dereference in LAME 3.99.5 id3v2AddAudioDuration causes denial of service.

Reporter	Title	Published	Views	Family All 36
CNVD	LAME 'id3v2AddAudioDuration' function null pointer reference denial of service vulnerability	29 Aug 201700:00	–	cnvd
CVE	CVE-2017-13712	28 Aug 201719:00	–	cve
Cvelist	CVE-2017-13712	28 Aug 201719:00	–	cvelist
Debian CVE	CVE-2017-13712	28 Aug 201719:00	–	debiancve
EUVD	EUVD-2017-5229	7 Oct 202500:30	–	euvd
Mageia	Updated lame packages fix security vulnerabilities	1 Dec 201723:13	–	mageia
NVD	CVE-2017-13712	28 Aug 201719:29	–	nvd
Tenable Nessus	openSUSE Security Update : lame (openSUSE-2018-214)	28 Feb 201800:00	–	nessus
Tenable Nessus	Ubuntu 16.04 ESM : LAME vulnerabilities (USN-4780-1)	23 Oct 202300:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2017-13712	4 Mar 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	12.2	any	lame	3.100-6.1	lame-3.100-6.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	lame-doc	3.100-6.1	lame-doc-3.100-6.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	lame-mp3rtp	3.100-6.1	lame-mp3rtp-3.100-6.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	libmp3lame-devel	3.100-6.1	libmp3lame-devel-3.100-6.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	libmp3lame0	3.100-6.1	libmp3lame0-3.100-6.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2017-13712
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1082399
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/6JQYYKDCEI244XVDO6HZ4YNU7XFZRJG7/
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/KH623JZ3J2KZAJL44XIFV3PAHON2NVKG/

13 May 2026 15:58Current

9.4High risk

Vulners AI Score9.4

CVSS 37.5

EPSS0.00434

null pointer dereference id3v2AddAudioDuration lame 3.99.5