Medium severity5.5NVD Advisory· Published Dec 12, 2017· Updated May 13, 2026
CVE-2017-17554
CVE-2017-17554
Description
A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
aubioPyPI | < 0.4.7 | 0.4.7 |
Affected products
1Patches
1a81b12a3b417src/io/source_avcodec.c: give up if resampling context failed opening (see #137, closes #187)
1 file changed · +2 −0
src/io/source_avcodec.c+2 −0 modified@@ -275,6 +275,8 @@ aubio_source_avcodec_t * new_aubio_source_avcodec(const char_t * path, uint_t sa // default to mono output aubio_source_avcodec_reset_resampler(s, 0); + if (s->avr == NULL) goto beach; + s->eof = 0; s->multi = 0;
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
7- github.com/advisories/GHSA-45h5-cqqw-9rjwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-17554ghsaADVISORY
- github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.mdghsaWEB
- github.com/aubio/aubio/blob/0.4.7/ChangeLogghsaWEB
- github.com/aubio/aubio/commit/a81b12a3b4174953b3bc7ef4c37103f4d5636740ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/aubio/PYSEC-2017-76.yamlghsaWEB
- github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference%28DoS%29%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.mdnvd
News mentions
0No linked articles in our index yet.