libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392)
A flaw was found in libvorbis 1.3.6. The mapping0_forward function in
mapping0.c file in Xiph.Org does not validate the number of channels,
which allows remote attackers to cause a denial of service (heap-based
buffer overflow or over-read) via a crafted file.
References:
https://gitlab.xiph.org/xiph/vorbis/issues/2335
https://nvd.nist.gov/vuln/detail/CVE-2018-10392
Patch:
https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaacad51305e1464d4b381dabad0e88b
(from redmine: issue id 9139, created on 2018-07-27, closed on 2018-07-30)
- Relations:
- copied_to #9140 (closed)
- copied_to #9141 (closed)
- copied_to #9142 (closed)
- copied_to #9143 (closed)
- copied_to #9144 (closed)
- child #9140 (closed)
- child #9141 (closed)
- child #9142 (closed)
- child #9143 (closed)
- child #9144 (closed)
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information