[3.5] libao: Invalid memory allocation in _tokenize_matrix function in audio_out.c (CVE-2017-11548)
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0
allows remote attackers to cause
a denial of service (memory corruption) via a crafted MP3 file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-11548
http://seclists.org/fulldisclosure/2017/Jul/84
(from redmine: issue id 9212, created on 2018-08-08, closed on 2018-12-06)
- Relations:
- copied_to #9207 (closed)
- parent #9207 (closed)
- Changesets:
- Revision 4f58b79a by Natanael Copa on 2018-12-04T12:23:39Z:
main/libao: security fix for CVE-2017-11548
fixes #9212