CVE-2017-9988 The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c. https://github.com/libming/libming/issues/85 CVE-2017-9989 util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack. https://github.com/libming/libming/issues/86
Created ming tracking bugs for this issue: Affects: fedora-all [bug 1470174]