Lucene search
Cloud FoundryCFOUNDRY:AA1246E81C3A83C48405E8FECB36D4E8HistoryOct 29, 2018 - 12:00 a.m.
USN-3800-1: audiofile vulnerabilities | Cloud Foundry
2018-10-2900:00:00
Cloud Foundry
www.cloudfoundry.org
489
0.007 Low
EPSS
Percentile
79.8%
Severity
Medium
Vendor
Canonical Ubuntu
Versions Affected
- Canonical Ubuntu 14.04
Description
It was discovered that audiofile incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-13440)
It was discovered that audiofile incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-17095)
CVEs contained in this USN include: CVE-2018-13440, CVE-2018-17095
Affected Cloud Foundry Products and Versions
Severity is medium unless otherwise noted.
- All versions of Cloud Foundry cflinuxfs2 prior to 1.244.0
Mitigation
Users of affected products are strongly encouraged to follow one of the mitigations below:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.244.0 or later.
References
Related
fedora
fedora
[SECURITY] Fedora 28 Update: audiofile-0.3.6-21.fc28
2018-10-18 04:32:32
[SECURITY] Fedora 27 Update: audiofile-0.3.6-21.fc27
2018-10-18 03:54:38
[SECURITY] Fedora 29 Update: audiofile-0.3.6-21.fc29
2018-10-30 17:44:10
centos
centos
audiofile security update
2020-10-20 17:47:17
nessus
nessus
Ubuntu 14.04 LTS : audiofile vulnerabilities (USN-3800-1)
2018-10-25 00:00:00
NewStart CGSL CORE 5.05 / MAIN 5.05 : audiofile Multiple Vulnerabilities (NS-SA-2021-0171)
2021-10-28 00:00:00
Fedora 27 : 1:audiofile (2018-b967b5592e)
2018-10-18 00:00:00
mageia
mageia
Updated audiofile packages fix security vulnerabilities
2018-11-12 00:09:54
openvas
openvas
Ubuntu: Security Advisory (USN-3800-1)
2018-10-26 00:00:00
Mageia: Security Advisory (MGASA-2018-0441)
2022-01-28 00:00:00
Fedora Update for audiofile FEDORA-2018-41626fa774
2018-10-19 00:00:00
amazon
amazon
Medium: audiofile
2020-10-22 17:18:00
ubuntu
ubuntu
audiofile vulnerabilities
2018-10-24 00:00:00
audiofile vulnerabilities
2023-12-14 00:00:00
redhat
redhat
(RHSA-2020:3877) Moderate: audiofile security update
2020-09-29 07:39:49
cloudfoundry
cloudfoundry
USN-6558-1: audiofile vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
osv
osv
audiofile vulnerabilities
2023-12-14 16:44:57
CVE-2018-13440
2018-07-08 16:29:00
CVE-2018-17095
2018-09-16 21:29:00
veracode
veracode
Denial Of Service (DoS)
2018-11-09 09:05:30
Arbitrary Code Execution
2020-10-01 03:50:20
debiancve
debiancve
CVE-2018-13440
2018-07-08 16:29:00
CVE-2018-17095
2018-09-16 21:29:00
ubuntucve
ubuntucve
CVE-2018-13440
2018-07-08 00:00:00
CVE-2018-17095
2018-09-16 00:00:00
cve
cve
CVE-2018-13440
2018-07-08 16:29:00
CVE-2018-17095
2018-09-16 21:29:00
suse
suse
Security update for audiofile (low)
2019-04-23 00:00:00
Security update for audiofile (moderate)
2018-11-10 00:11:29
Security update for audiofile (moderate)
2018-10-27 12:12:53
nvd
nvd
CVE-2018-13440
2018-07-08 16:29:00
CVE-2018-17095
2018-09-16 21:29:00
cvelist
cvelist
CVE-2018-13440
2018-07-08 16:00:00
CVE-2018-17095
2018-09-16 21:00:00
prion
prion
Null pointer dereference
2018-07-08 16:29:00
Heap overflow
2018-09-16 21:29:00
redhatcve
redhatcve
CVE-2018-13440
2018-07-12 06:18:43
CVE-2018-17095
2018-09-19 21:19:17
oraclelinux
oraclelinux
audiofile security update
2020-10-06 00:00:00