CVE-2017-11333 (retired)

Priority
Description
The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis
1.3.5 allows remote attackers to cause a denial of service (OOM) via a
crafted wav file.
Notes
mdeslaursame fix as CVE-2017-14633
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1.3.5-3ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (1.3.5-4.1)
Patches:
Upstream:https://gitlab.xiph.org/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993
More Information

Updated: 2019-10-09 07:58:36 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)