Medium severity6.5NVD Advisory· Published Jul 8, 2018· Updated Jun 17, 2026
CVE-2018-13440
CVE-2018-13440
Description
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- Range: 0.3.6
- osv-coords8 versionspkg:rpm/opensuse/audiofile&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 0.3.6-lp150.7.1+ 7 more
- (no CPE)range: < 0.3.6-lp150.7.1
- (no CPE)range: < 0.3.6-3.7.10
- (no CPE)range: < 0.3.6-11.7.8
- (no CPE)range: < 0.3.6-11.7.8
- (no CPE)range: < 0.3.6-11.7.8
- (no CPE)range: < 0.3.6-11.7.8
- (no CPE)range: < 0.3.6-11.7.8
- (no CPE)range: < 0.3.6-11.7.8
Patches
Vulnerability mechanics
References
2- github.com/mpruett/audiofile/issues/49nvdExploitThird Party Advisory
- usn.ubuntu.com/3800-1/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.