CVE-2017-14633 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	In Xiph.Org libvorbis before 1.3.6, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-658	lib32-libvorbis	1.3.5-1	1.3.6-1	Critical	Fixed
AVG-367	libvorbis	1.3.5-1	1.3.6-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
19 Mar 2018	ASA-201803-21	AVG-658	lib32-libvorbis	Critical	multiple issues
16 Mar 2018	ASA-201803-12	AVG-367	libvorbis	Critical	multiple issues

References
https://github.com/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993