Candidate: CVE-2018-13845
PublicDate: 2018-07-10 18:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13845
 https://github.com/samtools/htslib/issues/731#issuecomment-403681105
Description:
 An issue has been found in HTSlib 1.8. It is a buffer over-read in
 sam_parse1 in sam.c.
Ubuntu-Description:
 It was discovered that HTSlib incorrectly handled certain files. An
 attacker could possibly use this issue to cause a denial of service.
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_htslib:
upstream_htslib: needs-triage
precise/esm_htslib: DNE
trusty_htslib: ignored (out of standard support)
trusty/esm_htslib: needed
xenial_htslib: ignored (end of standard support, was needed)
artful_htslib: ignored (reached end-of-life)
bionic_htslib: needed
cosmic_htslib: ignored (reached end-of-life)
disco_htslib: not-affected (1.9-2)
eoan_htslib: not-affected (1.9-2)
focal_htslib: not-affected (1.9-2)
groovy_htslib: not-affected (1.9-2)
hirsute_htslib: not-affected (1.9-2)
impish_htslib: not-affected (1.9-2)
jammy_htslib: not-affected (1.9-2)
devel_htslib: not-affected (1.9-2)