Wind River Support Network

HomeDefectsLIN6-14560
Fixed

LIN6-14560 : Security Advisory - flac - CVE-2017-6888

Created: May 1, 2018    Updated: Mar 8, 2020
Resolved Date: Mar 12, 2019
Found In Version: 6.0.0.36
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

An error in the read_metadata_vorbiscomment_() function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

https://nvd.nist.gov/vuln/detail/CVE-2017-6888
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube