user/libvorbis: multiple vulnerabilities
| Bugzilla ID | 157 |
| Alias(es) | CVE-2018-10392, CVE-2018-10393 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2019-07-31 10:05:53 -0500 |
| Modified | 2019-09-28 13:33:58 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
Description
CVE-2018-10392: https://nvd.nist.gov/vuln/detail/CVE-2018-10392
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not
validate the number of channels, which allows remote attackers to
cause a denial of service (heap-based buffer overflow or over-read) or
possibly have unspecified other impact via a crafted file.
CVE-2018-10393: https://nvd.nist.gov/vuln/detail/CVE-2018-10393
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-
based buffer over-read.