Lucene search

PRIOn knowledge basePRION:CVE-2018-20359

HistoryDec 22, 2018 - 3:29 p.m.

Design/Logic Flaw

2018-12-2215:29:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.5%

JSON

An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

CPENameOperatorVersion
freeware_advanced_audio_decoder_2eq2.8.8

CPE	Name	Operator	Version
	freeware_advanced_audio_decoder_2	eq	2.8.8

References

github.com/knik0/faad2/issues/29

seclists.org/bugtraq/2019/Sep/28

security.gentoo.org/glsa/202006-17

www.debian.org/security/2019/dsa-4522