Medium severity5.5OSV Advisory· Published Dec 18, 2018· Updated Jun 17, 2026
CVE-2018-20199
CVE-2018-20199
Description
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: 2_8_0, 2_8_1, 2_8_2, …
- Range: =2.8.8
Patches
Vulnerability mechanics
References
5- github.com/knik0/faad2/issues/24nvdExploitThird Party Advisory
- lists.debian.org/debian-lts-announce/2019/08/msg00033.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2021/10/msg00020.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/202006-17nvdThird Party Advisory
- www.debian.org/security/2022/dsa-5109nvdThird Party Advisory
News mentions
0No linked articles in our index yet.