Fixed
Created: May 14, 2018
Updated: Sep 27, 2021
Resolved Date: Sep 27, 2021
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
https://nvd.nist.gov/vuln/detail/CVE-2017-17555