AVG-638 log
| Package | libcdio |
| Status | Fixed |
| Severity | Medium |
| Type | denial of service |
| Affected | 0.94-1 |
| Fixed | 1.0.0-1 |
| Current | 2.1.0-4 [extra] |
| Ticket | None |
| Created | Mon Feb 26 12:14:51 2018 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-18199 | Medium | Yes | Denial of service | realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file. |
| CVE-2017-18198 | Medium | Yes | Denial of service | print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over- read) or... |