← volver
CVE-2018-10392

CVE-2018-10392

EPSS 3.3%
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2019:3703https://gitlab.xiph.org/xiph/vorbis/issues/2335https://lists.debian.org/debian-lts-announce/2019/11/msg00031.htmlhttps://lists.debian.org/debian-lts-announce/2021/11/msg00023.htmlhttps://security.gentoo.org/glsa/202003-36