Bug #9141

Bug #9139: libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392)

[3.8] libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392)

Added by Alicha CH 9 months ago. Updated 9 months ago.

Status: Closed
Priority: Normal
Assignee:
Category: Security
Target version:
Start date: 07/27/2018
Due date:
% Done: 100%
Estimated time:
Affected versions:
Security IDs:

Description

A flaw was found in libvorbis 1.3.6. The mapping0_forward function in the mapping0.c file in Xiph.Org does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) via a crafted file.

References:

https://gitlab.xiph.org/xiph/vorbis/issues/2335
https://nvd.nist.gov/vuln/detail/CVE-2018-10392

Patch:

https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaacad51305e1464d4b381dabad0e88b


Related issues

Copied from Alpine Linux - Bug #9139: libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392), Closed, 07/27/2018

Associated revisions

Revision 5983135b (diff)
Added by Natanael Copa 9 months ago

main/libvorbis: security fix for CVE-2018-10392

fixes #9141

Revision 1d4e07ef (diff)
Added by Natanael Copa 9 months ago

main/libvorbis: security fix for CVE-2018-10392

fixes #9141

History

#1 Updated by Alicha CH 9 months ago

  • Copied from Bug #9139: libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) added

#2 Updated by Natanael Copa 9 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#3 Updated by Alicha CH 9 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed
  • Security IDs deleted (CVE-2018-10392)
