libcdio

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description GNU Compact Disc Input and Control Library
Version 2.1.0-4 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-641 1.1.0-1 2.0.0-1 High Fixed
AVG-638 0.94-1 1.0.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-18201 AVG-641 High Yes Arbitrary code execution
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
CVE-2017-18199 AVG-638 Medium Yes Denial of service
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
CVE-2017-18198 AVG-638 Medium Yes Denial of service
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over- read) or...