Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 31 Jan 2017 10:16:06 -0500
From: <cve-assign@...re.org>
To: <ago@...too.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: mp3splt: NULL pointer dereference in splt_cue_export_to_file (cue.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c
> 
> AddressSanitizer: SEGV on unknown address 0x000000000000
> 
> splt_cue_export_to_file libmp3splt-0.9.2/src/cue.c:725

Use CVE-2017-5665.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYkKj0AAoJEHb/MwWLVhi2chAP/2AbNCqqgNqb+SVg15pzegAy
4kFc436rib1t18uFrm6gxIXHlQA0BLVgex8DISdUEXRr503uOzwsTjDDgwFHwbHl
E7PmvzcfyhnZ1sujcfbd87pm6qf9Jv8eAlNr1DZTYu0VkFH0HkAIO3dzACNlTDDE
9tXV2kMBEfyZfdXY8Fha4KZdG7NUCKUQqns1rdm2JGa583VLC984YiEvGPIv1xFf
zmxURxRDRkgNPmhPmfRun3rPJbx0dqRDJqlxOsRxL1W+Axb+ogSxAu79WpEn4jvN
2doXQnZujQudiusVkqK4QXfzmcQMncQIN0fOygsJIySI38iJYHh3wBzWwPNDhI3x
H9r/nakhrBRiE/29r+4fzQvyOU3iARvh04iJlikXLEFz8GrER4kg+8rUI4wIDpn/
Vum4k7o+N0nni1FcAUEaL2JtRRuj55ikWzG+BwqhBzmSW3TG4UinyRu35Yu16aTI
YHPjJQKPziVFtn2Q8TH/nPlnIcshc4zcqRD8m4B/7usRsFMJuSOStx1gA2SBanLG
2bPFXCXhZX/Hv4hHl8Yzw7HKI8W3dxWcNBtBXcsvx6XRuTHXUhTEc6m0fHRyLU+i
O7jzRx+7qaqP4UnYwOAH0J2HA9Pp9XY2UGW7K9BbSw4Z/6vzNC10QWU4lf0Cg7FC
myDnoBgiEOuCOOfErLrK
=Ip7W
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ