Wind River Support Network

HomeDefectsLIN8-7862

Fixed

LIN8-7862 : Security Advisory - libvorbis - CVE-2017-14160

Created: Sep 26, 2017 Updated: Dec 3, 2018

Resolved Date: May 24, 2018

Found In Version: 8.0.0.21

Fix Version: 8.0.0.26

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.

https://nvd.nist.gov/vuln/detail/CVE-2017-14160

Other Downloads

Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-14160