Candidate: CVE-2018-1000532
PublicDate: 2018-06-26 16:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000532
 https://github.com/johnath/beep/issues/11#issuecomment-379514298
Description:
 beep version 1.3 and up contains a External Control of File Name or Path
 vulnerability in --device option that can result in Local unprivileged user
 can inhibit execution of arbitrary programs by other users, allowing DoS.
 This attack appear to be exploitable via The system must allow local users
 to run beep.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H [4.7 MEDIUM]

Patches_beep:
upstream_beep: needs-triage
precise/esm_beep: DNE
trusty_beep: ignored (reached end-of-life)
trusty/esm_beep: DNE (trusty was needs-triage)
xenial_beep: ignored (end of standard support, was needs-triage)
artful_beep: ignored (reached end-of-life)
bionic_beep: needs-triage
cosmic_beep: ignored (reached end-of-life)
disco_beep: not-affected (1.4.3-2)
eoan_beep: not-affected (1.4.3-2)
focal_beep: not-affected (1.4.3-2)
groovy_beep: not-affected (1.4.3-2)
hirsute_beep: not-affected (1.4.3-2)
impish_beep: not-affected (1.4.3-2)
jammy_beep: not-affected (1.4.3-2)
devel_beep: not-affected (1.4.3-2)