Medium severity6.5NVD Advisory· Published Feb 24, 2018· Updated Jun 17, 2026
CVE-2017-18199
CVE-2017-18199
Description
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords6 versionspkg:rpm/suse/libcdio&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/libcdio&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/libcdio&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libcdio&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libcdio&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/libcdio&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
< 0.94-6.3.1+ 5 more
- (no CPE)range: < 0.94-6.3.1
- (no CPE)range: < 0.80-8.3.5
- (no CPE)range: < 0.90-6.6.5
- (no CPE)range: < 0.90-6.6.5
- (no CPE)range: < 0.90-6.6.5
- (no CPE)range: < 0.90-6.6.5
Patches
Vulnerability mechanics
References
3- ftp.gnu.org/gnu/libcdio/libcdio-1.0.0.tar.gznvdVendor Advisory
- www.securityfocus.com/bid/103202nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2018:3246nvd
News mentions
0No linked articles in our index yet.