AdPlug 2.3.1 has a double free in the Cu6mPlayer
class in u6m.h
.
github.com/adplug/adplug
github.com/adplug/adplug/commit/1a282a486a8e33fef3e15998bf6408d3515dc07e
github.com/adplug/adplug/issues/91
github.com/miller-alex/adplug/commit/8abb9328bf27dcbdafc67ade3e75af0ffd8f7633
lists.fedoraproject.org/archives/list/[email protected]/message/Q32A64R2APAC5PXIMSYIEFDQX5AD4GAS
lists.fedoraproject.org/archives/list/[email protected]/message/U3PW6PLDTPSQQRHKTU2FB72SUB4Q66NE
nvd.nist.gov/vuln/detail/CVE-2019-15151