AVG-639 log
Package | lib32-libcdio |
Status | Unknown |
Severity | High |
Type | multiple issues |
Affected | 0.94-1 |
Fixed | 2..0.0-1 |
Current | Removed |
Ticket | None |
Created | Mon Feb 26 12:14:56 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-18201 | High | Yes | Arbitrary code execution | An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c. |
CVE-2017-18199 | Medium | Yes | Denial of service | realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file. |
CVE-2017-18198 | Medium | Yes | Denial of service | print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over- read) or... |