Wind River Support Network

HomeDefectsLIN9-4510

Fixed

LIN9-4510 : Security Advisory - lame - CVE-2017-9869

Created: Jun 29, 2017 Updated: Nov 6, 2018

Resolved Date: Oct 31, 2018

Found In Version: 9.0.0.7

Fix Version: 9.0.0.19

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

https://nvd.nist.gov/vuln/detail/CVE-2017-9869

Other Downloads

Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-9869