CVE-2017-8365 - log back

CVE-2017-8365 edited at 09 Feb 2021 09:59:40
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
References
+ https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
+ https://github.com/libsndfile/libsndfile/issues/230
+ https://github.com/libsndfile/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
Notes
CVE-2017-8365 created at 09 Feb 2021 09:51:29