FluidSynth 2.1.7 contains a use after free vulnerability in
sfloader/fluid_sffile.c that can result in arbitrary code execution or a
denial of service (DoS) if a malicious soundfont2 file is loaded into a
fluidsynth library.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | Upstream | noarch | fluidsynth | < 2.1.8 | UNKNOWN |
ubuntu | 21.04 | noarch | fluidsynth | < any | UNKNOWN |
ubuntu | 20.10 | noarch | fluidsynth | < any | UNKNOWN |
ubuntu | 20.04 | noarch | fluidsynth | < any | UNKNOWN |
ubuntu | 18.04 | noarch | fluidsynth | < any | UNKNOWN |
ubuntu | 16.04 | noarch | fluidsynth | < any | UNKNOWN |
ubuntu | 14.04 | noarch | fluidsynth | < any | UNKNOWN |