Bug 1545866 (CVE-2017-18189)
| Summary: | CVE-2017-18189 sox: NULL pointer dereference in startread function in xa.c | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | felix, hhorak, hobbes1069, jkucera, jmoskovc |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A NULL pointer dereference flaw found in the way SoX handled processing of AIFF files. An attacker could potentially use this flaw to crash the SoX application by tricking it into processing crafted AIFF files.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-08-06 19:18:24 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1545867, 1553590, 1553591 | ||
| Bug Blocks: | 1545871 | ||
|
Description
Pedro Sampaio
2018-02-15 17:57:24 UTC
Created sox tracking bugs for this issue: Affects: fedora-all [bug 1545867] This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2283 https://access.redhat.com/errata/RHSA-2019:2283 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2017-18189 |