CVE-2018-7254 (retired)

Priority
Description
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0
allows a remote attacker to cause a denial-of-service (global buffer
over-read), or possibly trigger a buffer overflow or incorrect memory
allocation, via a maliciously crafted CAF file.
Notes
 leosilva> feature added after 5.0, neither trusty or xenial are affected.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):released (5.1.0-2ubuntu1)
More Information

Updated: 2019-09-19 16:06:53 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)