CVE-2017-6834
Description
Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
6.895
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| audiofile Security Update (ALAS-2024-2601); audiofile-devel-0.3.6-9.amzn2.x86_64.rpm | Linux |
| audiofile Security Update (ALAS-2024-2601); audiofile-0.3.6-9.amzn2.i686.rpm | Linux |
| audiofile Security Update (ALAS-2024-2601); audiofile-0.3.6-9.amzn2.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234