Wind River Support Network

HomeDefectsLIN9-5245

Fixed

LIN9-5245 : Security Advisory - mpg123 - CVE-2017-12797

Created: Sep 14, 2017 Updated: Dec 12, 2018

Resolved Date: Oct 31, 2018

Found In Version: 9.0.0.10

Fix Version: 9.0.0.19

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.

https://nvd.nist.gov/vuln/detail/CVE-2017-12797

Other Downloads

Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-12797