VYPR
Unrated severity · OSV Advisory · Published May 5, 2018 · Updated Aug 5, 2024

CVE-2018-10753

Description

Stack-based buffer overflow in abcm2ps <=8.13.20 allows remote attackers to cause denial of service via crafted ABC music file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A stack-based buffer overflow exists in the delayed_output function in music.c of abcm2ps through version 8.13.20. Processing a specially crafted ABC music file triggers the overflow; the stack protector then reports stack smashing and the application crashes [1].

Exploitation

An attacker can exploit this vulnerability by providing a malicious ABC file to abcm2ps. No authentication or special privileges are required; the attacker only needs to convince a user or automated system to process the file. The crash trace shows that parsing malformed input causes a stack buffer overflow in delayed_output at music.c:5085, ultimately resulting in a segmentation fault [1].

Impact

Successful exploitation results in a denial of service (application crash). The crash trace indicates stack smashing is detected, causing the program to abort. The description also mentions the possibility of unspecified other impact, but no further details are provided [1].

Mitigation

No fixed version is explicitly mentioned in the available references. Users should avoid processing untrusted ABC files with abcm2ps versions up to 8.13.20. Upgrading to a later version, if available, may resolve the issue. This vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Lewdlime/Abcm2ps · OSV · 2 versions
    abcm2ps-1.6.12, abcm2ps-2.11.3, abcm2ps-3.7.21, …+ 1 more
    • (no CPE) range: abcm2ps-1.6.12, abcm2ps-2.11.3, abcm2ps-3.7.21, …
    • (no CPE) range: <=8.13.20

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"A stack-based buffer overflow vulnerability exists in the delayed_output function."

Attack vector

Remote attackers can trigger this vulnerability by providing a specially crafted input file to the abcm2ps application. This input causes an overflow in the stack buffer within the `delayed_output` function, leading to a segmentation fault and application crash. The provided debugging output shows the program crashing at `music.c:5085` after receiving a `SIGSEGV` signal [1].

Affected code

The vulnerability is located in the `delayed_output` function within the `music.c` file. The crash occurs at line 5085 of this file, as indicated by the backtrace [1].

What the fix does

The advisory does not provide a patch or specific details on the fix. However, it indicates that abcm2ps versions through 8.13.20 are affected. Users are advised to update to a version that addresses this vulnerability. The exact remediation steps are not detailed in the provided information.

Preconditions

  • input: The attacker must provide a specially crafted input file that exploits the buffer overflow.

Reproduction

```
(gdb) set args POC
(gdb) r
abcm2ps-8.13.20 (2018-02-21)
File POC
POC:3:2: error: Bad character
   3 |2ÿÿdÿ&e,d_d&ddªB-ÿ2ÿ
      ^
POC:3:3: error: Bad character
   3 |2ÿÿdÿ&e,d_d&ddªB-ÿ2ÿ
. . .
POC:3:15: error: Wrong duration in voice overlay
POC:4:0: error: Bad character 'k'
POC:4:0: error: Note too much dotted
POC:5:0: error: Bad character 'N'
POC:5:0: error: Bad character 'N'
POC:6:1: error: Wrong duration in voice overlay
POC:6:3: error: No note in voice overlay
POC:6:3: error: Bad character 'K'
POC:6:3: error: Bad character 't'
POC:6:3: error: Wrong duration in voice overlay
POC:6:6: error: !slide! must be on a note or a rest
POC:6:27: warning: Line underfull (256pt of 682pt)

Program received signal SIGSEGV, Segmentation fault.
GI_getenv (name=0x7ffff6a14b8e "BC_FATAL_STDERR", name@entry=0x7ffff6a14b8c "LIBC_FATAL_STDERR") at getenv.c:84
84 getenv.c: No such file or directory.
(gdb) bt
#0 0x00007ffff68c081d in GI_getenv (name=0x7ffff6a14b8e "BC_FATAL_STDERR", name@entry=0x7ffff6a14b8c "LIBC_FATAL_STDERR") at getenv.c:84
#1 0x00007ffff68c0f02 in _GI___libc_secure_getenv (name=name@entry=0x7ffff6a14b8c "LIBC_FATAL_STDERR") at secure-getenv.c:29
#2 0x00007ffff68fe55a in __libc_message (do_abort=do_abort@entry=1, fmt=fmt@entry=0x7ffff6a1649f "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:80
#3 0x00007ffff69a015c in __GI___fortify_fail (msg=, msg@entry=0x7ffff6a16481 "stack smashing detected") at fortify_fail.c:37
#4 0x00007ffff69a0100 in __stack_chk_fail () at stack_chk_fail.c:28
#5 0x0000000000507f45 in delayed_output (indent=) at music.c:5085
```
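A triage helper for backtraces like the one above, added here as an example (it is not code from abcm2ps or from the advisory). It attributes the crash to the caller of `__stack_chk_fail`, the function whose stack canary check failed, instead of the libc frame where the signal landed. The names `parse_frames` and `triage` are illustrative, and the sample frames are copied from the gdb output on this page.

```python
import re

# Frames copied from the gdb backtrace on this page (symbol names as printed there).
PAGE_BACKTRACE = r'''
#0 0x00007ffff68c081d in GI_getenv (name=0x7ffff6a14b8e "BC_FATAL_STDERR", name@entry=0x7ffff6a14b8c "LIBC_FATAL_STDERR") at getenv.c:84
#1 0x00007ffff68c0f02 in _GI___libc_secure_getenv (name=name@entry=0x7ffff6a14b8c "LIBC_FATAL_STDERR") at secure-getenv.c:29
#2 0x00007ffff68fe55a in __libc_message (do_abort=do_abort@entry=1, fmt=fmt@entry=0x7ffff6a1649f "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:80
#3 0x00007ffff69a015c in __GI___fortify_fail (msg=, msg@entry=0x7ffff6a16481 "stack smashing detected") at fortify_fail.c:37
#4 0x00007ffff69a0100 in __stack_chk_fail () at stack_chk_fail.c:28
#5 0x0000000000507f45 in delayed_output (indent=) at music.c:5085
'''

# "#N [0xADDR in ]func (args) at file:line"; the address is absent on some frames.
FRAME_RE = re.compile(
    r"#(?P<idx>\d+)\s+(?:0x[0-9a-fA-F]+ in )?(?P<func>[A-Za-z_]\w*) "
    r"\(.*?\) at (?P<file>\S+?):(?P<line>\d+)"
)


def parse_frames(text):
    """Return the frames of a gdb 'bt' listing as dicts, innermost (#0) first."""
    return [
        {"idx": int(m["idx"]), "func": m["func"],
         "file": m["file"], "line": int(m["line"])}
        for m in FRAME_RE.finditer(text)
    ]


def triage(text):
    """Name the function to investigate for a crash described by a gdb backtrace."""
    frames = parse_frames(text)
    for pos, frame in enumerate(frames):
        # The caller of __stack_chk_fail is the function whose canary was overwritten.
        if "stack_chk_fail" in frame["func"] and pos + 1 < len(frames):
            culprit = frames[pos + 1]
            return {
                "kind": "stack-canary-failure",
                "function": culprit["func"],
                "location": f'{culprit["file"]}:{culprit["line"]}',
                # True when the signal was raised below the canary check,
                # i.e. inside glibc's own reporting path (getenv here).
                "signal_in_reporting_path": pos > 0,
            }
    if not frames:
        return None
    top = frames[0]
    return {"kind": "other", "function": top["func"],
            "location": f'{top["file"]}:{top["line"]}',
            "signal_in_reporting_path": False}
```
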

Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

6
