vulnerability
Oracle Linux: CVE-2017-18201: ELSA-2018-3246: libcdio security update (LOW)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Feb 27, 2018 | Nov 6, 2018 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 27, 2018
Added
Nov 6, 2018
Modified
Dec 3, 2025
Description
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
A double-free flaw was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files.
A double-free flaw was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files.
Solutions
oracle-linux-upgrade-libcdiooracle-linux-upgrade-libcdio-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.