CVE-2018-20199 - log back

CVE-2018-20199 edited at 04 Apr 2022 23:41:08
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.
References
+ https://github.com/knik0/faad2/issues/24
+ https://github.com/knik0/faad2/commit/3b80a57483a6bc822d3ce3cc640fa81737a87c54
Notes
CVE-2018-20199 created at 04 Apr 2022 23:38:29