faad2

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Freeware Advanced Audio (AAC) Decoder
Version 2.11.1-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2660 2.8.8-1 2.9.0-1 High Fixed
AVG-2403 2.9.2-1 2.10.0-1 Medium Fixed
AVG-328 2.7-4 2.8.1-1 High Fixed FS#54613
Issue Group Severity Remote Type Description
CVE-2021-32278 AVG-2403 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function lt_prediction located in lt_predict.c. It allows an...
CVE-2021-32277 AVG-2403 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows...
CVE-2021-32276 AVG-2403 Low Yes Denial of service
An issue was discovered in faad2 before version 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an...
CVE-2021-32274 AVG-2403 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows...
CVE-2021-32273 AVG-2403 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A stack- buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker...
CVE-2021-32272 AVG-2403 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function stszin located in mp4read.c. It allows an attacker to...
CVE-2019-6956 AVG-2660 High Yes Arbitrary code execution
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
CVE-2018-20360 AVG-2660 Medium Yes Denial of service
An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2)...
CVE-2018-20199 AVG-2660 Medium Yes Denial of service
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes...
CVE-2018-20196 AVG-2660 High Yes Arbitrary code execution
There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2...
CVE-2017-9257 AVG-328 Medium Yes Denial of service
the mp4ff_read_ctts in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows can cause a denial of service(large loop and CPU...
CVE-2017-9256 AVG-328 Medium Yes Denial of service
the mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service(large loop and CPU...
CVE-2017-9255 AVG-328 Medium Yes Denial of service
the mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service(large loop and CPU...
CVE-2017-9254 AVG-328 Medium Yes Denial of service
the mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service(large loop and CPU...
CVE-2017-9253 AVG-328 Medium Yes Denial of service
the mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service(large loop and CPU...
CVE-2017-9223 AVG-328 High Yes Denial of service
the mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service(invalid memory read...
CVE-2017-9222 AVG-328 High Yes Denial of service
the mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can to cause a denial of service(infinite loop and...
CVE-2017-9221 AVG-328 High Yes Denial of service
the mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service(invalid memory read...
CVE-2017-9220 AVG-328 High Yes Denial of service
the mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service (memory allocation...
CVE-2017-9219 AVG-328 High Yes Denial of service
the mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service (memory allocation...
CVE-2017-9218 AVG-328 High Yes Denial of service
the mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a denial of service(invalid memory read...