vulnerability
Oracle Linux: CVE-2017-18199: ELSA-2018-3246: libcdio security update (LOW) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:S/C:N/I:N/A:P) | Feb 27, 2018 | Nov 6, 2018 | Nov 29, 2024 |
Severity
2
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:P)
Published
Feb 27, 2018
Added
Nov 6, 2018
Modified
Nov 29, 2024
Description
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
A NULL pointer dereference flaw was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files.
A NULL pointer dereference flaw was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files.
Solution(s)
oracle-linux-upgrade-libcdiooracle-linux-upgrade-libcdio-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.